OSF Mission
Open Security Foundation is a 501(c)(3) non-profit public organization founded and operated by information security enthusiasts.
We exist to empower all types of organizations by providing knowledge and resources so that they may properly detect, protect, and mitigate information security risks.
We believe that security information and services should be easily accessible for all who have the need for such information and services. We promote open collaboration between companies and individuals, provide unbiased information to uphold educated risk decision-making, and attempt to eliminate the need for redundant works.
Download our 501(c)(3) confirmation letter.
OSF Directors and Officers
- Corporate Directors and Officers:
| Chairman / CEO-CFO: | Jake Kouns | President / COO: | Brian Martin |
| Vice-President / CTO: | David Shettler | Secretary / CCO: | Kelly Todd |
OSF Benefits
Leverage industry expertise of OSF members and the security community to provide accurate, detailed and unbiased information about the security of computers, networks, and personally identifying information.
Develop partnerships with security organizations that can gain benefit from OSF data and leverage both organizations' strengths (for example, providing vulnerability scanner users with OSVDB references, which prompts individuals to recognize and use OSVDB, and providing the DataLossDB for open research, which in turn promotes OSF as a recognized leader in breach data).
Areas of focus will include security vulnerabilities, security exploits, security testing information, security best-practices and providing information about the security of personally identifiable information.
Open Security Foundation is looking to sponsor and / or host new projects. Please contact us if you have an idea that you feel would benefit the information security community. All inquiries regarding contributions are welcome.
Open Security Foundation
5518 Olde Hartley Way
Glen Allen, VA 23060
About Open Security Foundation
Open Security Foundation provides independent, accurate, detailed, current, and unbiased security information. Open Security Foundation runs the Open Source Vulnerability Database (OSVDB) and the DataLossDB.
OSVDB's goal is to provide accurate and unbiased information about security vulnerabilities in computerized equipment. The core of OSVDB is a relational database which ties various information about security vulnerabilities into a common, cross-referenced data source. Data is acquired from common security industry sources, entered into the OSVDB database, and cross referenced with existing information.
Latest OSVDB News
| date | author | news |
|---|---|---|
| 2010-02-06 | Open Security Foundation - State of the Union 2010 | |
| 2010-01-31 | January Update: OSVDB Winter 2010 Fundraising Goal | |
| 2010-01-24 | Microsoft, Aurora and something about forest and trees? | |
| 2010-01-04 | Challenge: OSVDB Winter 2010 Fundraising Goal | |
| 2009-12-19 | Adobe, Qualys, CVE and Math | |
| 2009-12-08 | OSVDB 2009 Q4 Changelog | |
| 2009-11-21 | Creditee System Overhauled | |
| 2009-11-15 | Responsible Disclosure - Old Debate, Fresh Aspects?! | |
| 2009-11-09 | Search Filters & Custom Exports | |
| 2009-11-09 | What I learned from early CVE entries |
DataLossDB's goal is to provide accurate and unbiased information about breaches of personally identifying information when lost by or stolen from third parties. DataLossDB is a searchable database that promotes research and the sharing of information by professionals and enthusiasts alike. Data is acquired from verifiable media and government resources and is open for community participation.
Latest DataLossDB Incidents
| Date | Summary |
|---|---|
| 2010-02-08 | Stolen laptops expose 208,000 names, addresses, Social Security numbers and health details |
| 2010-02-06 | Names, birthdays, Social Security numbers, addresses and phone numbers of about 9,000 children accessible on web |
| 2010-02-06 | Mailing error exposes15,000 students Social Security numbers in envelope window |
| 2010-02-03 | Mailed envelope arrives damaged missing pages, 3700 names, policy numbers and Social Security numbers exposed |
| 2010-02-04 | Mailing error exposes 243 landlord tax forms and Social Security numbers |
| 2010-02-04 | Hacked payroll system exposes 27,000 employee names, dates of birth and Social Security numbers |
| 2010-02-01 | Technical error exposes 53 students Social Security numbers, tax forms posted on a website |
| 2010-01-31 | Three stolen laptops contained Social Security numbers of 1400 students and staff |
| 2010-01-30 | Virus-infected computer may have exposed the personal information of 3,500 |
| 2010-01-30 | Hacked server exposes 80,000 employees names, birth dates and Social Security numbers |