||This article includes a list of references, but its sources remain unclear because it has insufficient inline citations. (June 2013)|
SecuriTeam is a free and independent computer security portal, covering both security news and the most recent threats, with a database dating back to 1998. SecuriTeam's main focus is software vulnerabilities.
SecuriTeam was founded by Aviram Jenik and Noam Rathaus and was the basis of what evolved into the security scanning vendor Beyond Security  but now runs as a completely community-run project. Its most notable effort is the web portal where they notify visitors of new security vulnerabilities, tools and exploits. Another community tool SecuriTeam provides is a blogs site where notable security names such as Roger Thompson, Rob Slade and David Harley write, although most of the contributions to the site are from newer names in the security field. One such contributor is Juha-Matti Laurio who writes about new Zero day attacks as they come out in FAQ form, to end users, and Matthew Murphy who writes technical commentary and policy commentary on the issue of full disclosure.
These are published on the SecuriTeam blogs site, and on a site created just for the comic strips called SecuriToons.
Currently, SecuriTeam has three running cartoons, each published twice a week:
- Memory Leak by the artist Brian Shearer - a comic strip dealing with issues related to current events in the security world by the means of jokes.
- Insecurity by the artist Michael Rankin - a story yet to be understood.
- Earl by the artist Dan Thompson - the happenings of Earl the hacker, his land-lord and his sexy neighbor.
Older cartoons SecuriTeam used to run, include:
- Hacked by the artist Dale Braden - a comic strip with a new security related joke every slide.
- Null Terminated by the artist Brian Shearer - a comic strip with assembly language and reverse engineering jokes.
- Zoned-Out by the artist V Shane - Zoned-Out only lasted for one slide.
Debate: Publishing exploit code publicly
SecuriTeam is one of the few sites online which refer to themselves as whitehat, and serve exploit code to the public. Serving exploit code publicly is a very heated issue in security circles, as some believe this aids miscreants in creating new attacks such as worms.
Once such exploit code is available openly, it is much easier for virus authors to embed in malware and release it, infecting computers.
Others believe that the miscreants already have their sources for the exploit code, and that unless information such as this is provided to the community, it will be that much more difficult to defend against attackers, comparable to being blind while under attack. Further, finding the information defenders need the way blackhats do in unacceptable to most defenders, and would make it that much more difficult for them to stay on the "right side of the fence". According to advocates of this approach, the bad guys have their resources mainly because they hang in shady circles and perform unethical actions. Whitehats would be hard pressed both legally and ethically to act in this fashion.
This issue is often considered one of ethics. The SecuriTeam community believes that knowledge should be free and advocates the full disclosure of security information, such as vulnerabilities and exploits.
SecuriTeam publishes statistics about its vulnerability database, with data on the number of articles published on the web site and those relating to certain keywords. This is intended to highlight trends on the disclosure of vulnerabilities in popular products and tools.
- "Company Overview." Beyond Security.
- Security flaw threatens Cisco Web site, ZDNet UK.
- Critical Path oversight exposes NSI email, CNet news.
- Microsoft's Security Disclosures Come Under Fire, eWeek.com.
- Coverage of a SecuriTeam interview with expert Ilfak Guilfanov, eWeek.com Weblog.
- Blog spam as a growing trend, The Washington Post.
- International crime rings, not hackers, true Internet villains, The Age.
- Microsoft PowerPoint 0day debated, Redmondmag.com.
- Drag-and-drop Flaw in Internet Explorer Reported, PCWorld.