OSVDB API and Enhanced Cross-referencing
We are pleased to announce the OSVDB API beta.
Integration and cross-referencing with OSVDB just got a lot easier via the new application programming interface (API), which can provide multiple result formats to fit various needs. Queries can be run against any number of correlation factors, including CVE ID, Microsoft Bulletin ID, Bugtraq ID, and a host of other common reference points. The API is also under constant development, particularly during beta, and suggestions for improvements are quickly and easily implemented by the OSVDB development team.
Some technical details about the API include:
- It is a RESTful interface to the OSVDB database
- It returns your choice of XML or CSV
- Allows OSVDB ID correlation to a growing list of other references and integrators products
- And importantly, it is free – though donations are appreciated.
To begin using the API, first, login or create an account, then visit the API overview for general information, or skip right to the API Documentation to get started. During beta and perhaps beyond, accounts are limited to 100 queries per day. To request a greater allotment of daily queries, fill out the Integration request form.
In other news, we have done some significant mapping work over the last month. We have broken out certain references into a new category called “Tools & Filters”. A good example of how this section works is OSVDB ID 40229. We then worked to map:
- Over 9,500 OSVDB ID’s to Nessus nasls
- Over 1,000 OSVDB ID’s to Snort filter ID’s
- Over 400 OSVDB ID’s to Nikto scans
We are also in the process of working with other vendors and products to map out more tools. If you have an open source or commercial security product, and you reference vulnerabilities, contact moderators for information on how we can include your filters/rules in our vulnerability listings.