• United States
Senior Editor

Application security

Feb 23, 20042 mins

* Application Vulnerability Description Language

How do you manage your application security risk?

Our Technology Update author this week takes a look at a proposed standard for handling that sometimes tricky, but increasingly important task.

The Application Vulnerability Description Language (AVDL) is intended to standardize information about application vulnerabilities, letting different, multi-vendor products share vulnerability information.

If widely adopted, the AVDL standards will let customers deploy diverse security technology to protect their network without having to sacrifice integration and interoperability, say experts. Our author ( says using AVDL, security tools and products from different vendors will be able to communicate to coordinate their security operations and automate security management.

Because all new vulnerability alerts can be described consistently in AVDL, automation of security management also vastly reduces the incident response time, closing critical vulnerability windows and enhancing security posture. AVDL-based security alert bulletins will give users highly efficient access to the collective security expertise of all participants in this dynamic field where even the largest organizations are challenged to keep up with rapid industry evolution.

Obviously for AVDL to become most useful it needs to be adopted by more industry players. For now its biggest backers are Citadel, GuardedNet, NetContinuum, SPI Dynamics and Teros. For more on this topic see: