August 11th, 2005 was the debut of NVD (The National Vulnerablility

Database) by the National Institution of Standards and Technology

(NIST). Quoting directly from the NVD website “NVD is a

comprehensive cyber security vulnerability database that integrates all

publicly available U.S. Government vulnerability resources

and provides references to industry resources. It is based on and

synchronized with

the CVE vulnerability naming standard.” The database is funded by the Department of Homeland Security’s National Cyber Security Division.

So what NIST has provided us in the form of NVD is a comprehensive one

stop shop for locating information about vulnerabilities in products

presented in an easy to use format. I spent a few minutes with

the database, popping in the names of software vendors and you

certainly will find tons of info, even on software packages that don’t

pop into your mind when thinking about vulnerabilities – such as your

back up software.

This is certainly a site you want to bookmark and make visiting it a

regular part of your security protocols. You can get to it by

clicking here.