Hi,
I'm working on a vulnerability management solution for my organization and plan to integrate it with the OSV database. I have a few questions and would appreciate your insights.
Queries :
1. Who owns the OSV database?
2. Where is the physical data stored?
3. Is there any partnership with the Indian government or any related agency?
4. Does your system maintain a record of API calls, including details on who is querying based on CVE?
5. Is your API secured? I noticed that no registration, token, or certificate is required.
6. Do you also collect and provide vendor solutions/recommendations for specific CVEs?
7. Are you offering or generating solution recommendations for CVEs where none are currently available?