A new open-source service aims to speed up the security industry’s response to zero-days and high-impact vulnerabilities.
Bug Alert, developed by security engineer Matthew Sullivan, is a free tool running on GitHub that sends subscribers early warnings of newly disclosed security flaws.
Sullivan says that Bug Alert will focus on “get-out-of-bed and cancel-your-date-night types of issues”, with short and clear messages. Alerts, he says, will be “rare”, with only the most serious notices sent out.
According to Sullivan, Bug Alert was inspired by the suboptimal response to the Log4j vulnerability, which is arguably unparalleled in its attack surface and was being exploited within 24 hours of, and possibly even before, disclosure. Security teams lost valuable time between the first exploits surfacing on Twitter and the issuance of a CVE, said Sullivan.