ModSecurity Trustwave
This blog has moved! Please update your
bookmarks to

ModSecurity Blog: June 2004

AVDL becomes a standard

Application Vulnerability Description Language (AVDL) has been approved as an OASIS standard last week (see email from Karl F. Best). AVDL is an XML-based protocol for transfer of vulnerability information from scanner tools to protection (or security management) systems. Having been in the draft state for some time now, most of the big web security software scanner tool vendors already support it.

Security patterns repository

I am a great fan of security patterns. Unfortunately, they don't seem to be popular these days. I was having particularly hard time recently finding some information I knew existed (because I read it long time ago). I was looking for a security pattern repository that was hosted at The web site is gone now but the work is still preserved here. (Update: The link does not work any more. Here are the copies I made: doc 1, doc 2, doc 3.) The main document consists of 166 pages and documents 29 patterns. Recommended reading!


November 2010
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30


Atom Feed



Recent Entries