All about Security

Computer Security Conference Ranking and Statistic

 https://people.engr.tamu.edu/guofei/sec_conf_stat.htm

Datasets | Paper Writing

This website offers a ranking of many computer security conferences. The ranking is accompanied by a yearly acceptance ratio statistic.


deps.dev

 https://deps.dev/

Tools

deps.dev is a dependency analyzer for multiple language ecosystems (npm, Go modules, Maven, PyPI, Cargo). It shows basic information, such as the metadata (including license) about each package, dependencies, and reverse dependencies. It enhances these information by adding a diff viewer for the versions. Security advisories affecting a package or dependency are highlighted. The OpenSSF scorecard is also integrated, showing more insights about the project health.

The second feature of the website is an advisory viewer. It shows details about each advisory, including affected versions. It also calculates how much of the ecosystem is affected and patched.


GitHub Advisory Database

 https://github.com/github/advisory-database

Datasets

GitHubs Advisory Database tracks CVEs and all GitHub advisories. Contributions to GitHub advisories are possible.


Global Security Database (GSD)

 https://github.com/cloudsecurityalliance/gsd-database/

Datasets

Global Security Database (GSD) is a project run by the Cloud Security Alliance to collect and track vulnerabilities. Conceptually it is similar to CVEs but with an open collaborative contribution process. Data from other vulnerability databases is imported and managed together.


Known Exploited Vulnerabilities Catalog

 https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Datasets

The Known Exploited Vulnerabilities Catalog is a project by the Cybersecurity & Infrastructure Security Agency (CISA) tracking actively exploitet vulnerabilities. The data includes the vulnerability, the affected product, short description of the vulnerabililty, and remediation actions. The data is available in machine readable format.


Open Source Vulnerabilities (OSV)

 https://osv.dev/

Datasets

osv.dev is a vulnerability database or open source projects. It mainly acts as an aggregator for multiple other databases. For example data from Google's OSS-Fuzz project and various language specific vulnerability databases is combined together.


System Security Cirrcus

 http://s3.eurecom.fr/~balzarot/notes/top4_2018/

Datasets | Paper Writing

The System Security Cirrcus by Davide Balzarotti presents many statistics about the Top-4 security conferences, such as authors and affiliations.


Transient Execution Attacks

 https://transient.fail/

Datasets

The website lists all known speculation side channel attacks. Each attack contains information about the attacked buffer, the affected vendors, and working state. They are sorted into a hierarchy. Each attack is also linked to proof-of-concepts and the academic papers.