Showing entries 1 to 10 of 14
4 Older Entries »
Displaying posts with tag: Government (reset)
NIST::NVD::Store::SQLite3 1.00.00

It’s been released. Use this with NIST::NVD 1.00.00 and you will be able to perform immediate look-ups of CVE and CWE data given a CPE URN. For instance:

cjac@foxtrot:/usr/src/git/f5/NIST-NVD-Store-SQLite3$ perl Makefile.PL ; make ; make test ; cjac@foxtrot:/usr/src/git/f5/NIST-NVD-Store-SQLite3$ perl -MNIST::NVD::Query -MData::Dumper -e '
$q = NIST::NVD::Query->new(store    => q{SQLite3},database => q{t/data/nvdcve-2.0.db});
$cve_list = $q->cve_for_cpe( cpe => q{cpe:/a:microsoft:ie:7.0.5730.11} );
print Data::Dumper::Dumper { cve_list => $cve_list, first_cvss => $q->cve( cve_id => $cve_list->[0] )->{q{vuln:cvss}} }
'
$VAR1 = {
          'cve_list' => [
                          'CVE-2002-2435',
                          'CVE-2010-5071'
                        ],
          'first_cvss' => {
                            'cvss:base_metrics' => { …
[Read more]
Perl interface to processing / querying NIST’s NVD feed

For a work project, I wrote a library in perl that can be used to query the NVD feed that NIST publishes here:

http://nvd.nist.gov/download.cfm

Here’s a snippit from the perldoc:

use NIST::NVD::Query;
 
# use convert_nvdcve to generate these files from the XML dumps at
# http://nvd.nist.gov/download.cfm
 
my( $path_to_db, $path_to_idx_cpe ) = @ARGV;
 
my $q = NIST::NVD::Query->new( database => $path_to_db,
                               idx_cpe  => $path_to_idx_cpe,
                              );
 
# Given a Common Platform Enumeration urn, returns a list of known
# CVE IDs
 
my $cve_id_list = $q->cve_for_cpe( cpe => 'cpe:/a:zaal:tgt:1.0.6' );
 
my @entry;
 
foreach my $cve_id ( @$cve_id_list ){
 
  # Given a CVE ID, returns a CVE entry
 
  my $entry = $q->cve( cve_id => …
[Read more]
Ask What Your Database Can Do for Your Country

How many in your household again?

One of President John Kennedy’s most memorable phrases is “ask not what your country can do for you –  ask what can you do for your country”.  I got to thinking about this over lunch with a fellow colleague in the big data space. After comparing named customers for a while, we realized we had forgotten one of the biggest “big data” customers whom we both have in common – the government.

Whether you believe in small or big government, one thing is for certain – it has some very big data on its hands. Some of this is freely available, such as the …

[Read more]
CAOS Theory Podcast 2010.11.12

Topics for this podcast:

*Our latest CAOS Special Report – Control and Community
*Red Hat releases RHEL 6
*Symbian and Oracle highlight community challenges
*The latest on government adoption of OSS from GOSCON
*Open core issue continues, now with Linux and evil twins

iTunes or direct download (31:02, 8.5MB)

Open Source Saves Malaysian Government RM188 Million

Back in January 2009, we found out that the Malaysian Government had saved about RM40 million using open source. In a little over a year, that number has been topped: over the past six years, the total costs savings are now quoted to be RM188.39 million (USD$58.54 million)! That’s a hell of a lot of money for software licenses, don’t you think?

Worth noting is that before the OSS Master Plan started, there were zero companies supporting OSS registered with the Ministry of Finance. Now more than half of the 4,000 companies do (53% is the quoted number). For more information, read the latest

[Read more]
451 CAOS Links 2009.04.17

Open source in government. Sourcefire announces relationships with Symantec and Microsoft. EPL supercedes CPL. The cost and potential savings of open source. The origins of open source. IBM and Sun - back on? And more.

Follow 451 CAOS Links live @caostheory

# OStatic: Why Isn’t Open Source Even Considered at the U.S. State Government Level?

# Simon Phipps: Five Ideas To Get FOSS Into Governments.

# Sourcefire’s 3D system to be bundled as part of the Symantec Managed Security Services offering.

# Sourcefire has also announced a strategic relationship with Microsoft.

# The Eclipse Foundation has …

[Read more]
Stimuluswatch.org; The Falling Cost and Accelerated Speed of Group Action

Stimuluswatch.org is a great example of how easy it is today for people to, as Clay Shirky says, “organize without organizations.” Stimuluswatch.org began after Jerry Brito attended a mayor’s Conference and posted this request:

"Let’s help President-Elect Obama do what he is promising. Let’s help him “prioritize” so the projects so that we “get the most bang for the buck” and identify those that are old school “pork coming out of Congress”. We can do this through good clean fun crowdsourcing. Who can help me take the database on the Conference of Mayors site and turn each …

[Read more]
Open Source Economy Conference 2008

Last week I found out about the Open Source Economy Conference 2008 held in Putrajaya, Malaysia on the 19th of November 2008. Its co-organised by Sun and the Multimedia Development Corporation (MDeC). Its also the “launch” of MySQL in Malaysia.

I only mention this because I’m speaking - check the agenda out. Don’t hesitate to register now.

The power of RSS

Thanks a ton to Xarb who reminded me of pipes in his blog post about filtering out fluffy planet mysql authors.


I should remember Pipes, since I work at Yahoo and I was called in to help out with their DB that first full day they were launched and couldn't handle the traffic, but hey, sometimes things just don't come to mind.

read more

Aslam Raffee, Innovator in Open Source Public Policy

One of the most interesting people I met during my trip to South Africa earlier this week was Aslam Raffee. He keynoted the Sun event, sharing his view of the South African government’s stance on Open Source.

Aslam has two roles: He is the Chief Information Officer at the South African Department of Science and Technology. He is also the chairperson of the OSS Workgroup in the South African Government IT Officers Council.

From Aslam’s presentation, it is clear that South Africa is ahead of the game when it comes to finding out ways to mandate the use of Open Source in Government. I had the privilege to talk to Aslam over lunch, and he described the …

[Read more]
Showing entries 1 to 10 of 14
4 Older Entries »