The Application Vulnerability Description Language (AVDL) is a rather new security interoperability standard within the Organization for the Advancement of Structured Information Standards (OASIS) that was first proposed in April 2003 by several leaders within the application security space. AVDL creates a uniform way of describing application security vulnerabilities using XML.
Caleb Sima, SPI Dynamics CTO, talks to Help Net Security about this interesting web application security topic. Some of the questions you can get answers to by listening to the audio include:
- When and why was AVDL introduced
- Who should care about AVDL
- Is there a need for similiar concepts or AVDL is the thing
- What vendors participate in AVDL
- Would other vendors benefit from participating in AVDL
- Is AVDL a success at this point