Pass the SALT 2026

Alexandre Dulaunoy


Sessions

07-01
17:40
5min
Rulezet.org The Open Source Security Intelligence Repository
Alexandre Dulaunoy

https://rulezet.org/ - Explore, share and manage detection rules across all major formats. An open source project and open free online service.

Amphitheater 122
07-02
11:10
35min
GCVE: Rebooting Vulnerability Tracking for an Open Security Ecosystem
Alexandre Dulaunoy

The vulnerability ecosystem has become critical infrastructure for defenders, vendors, researchers, and open source maintainers. Yet the way identifiers and vulnerability data are assigned, published, and distributed still reflects a centralized model that does not always match the speed, diversity, and realities of today’s security landscape.

This talk introduces GCVE, a new approach to vulnerability identification and tracking designed to support a more open, decentralized, and resilient ecosystem. GCVE rethinks how vulnerability numbers can be allocated, how trusted actors can publish advisories, and how vulnerability information can be synchronized without creating unnecessary bottlenecks or dependency on a single central authority.

Through the lens of open source security, the talk will explain why this matters: maintainers need lightweight processes, defenders need timely and structured data, and the community needs a model that encourages participation rather than gatekeeping. It will also show how GCVE and its associated tooling can help make vulnerability tracking more transparent, interoperable, and adaptable.

Rather than presenting only a new identifier format, this session will explore a broader idea: how we can build vulnerability tracking as shared public infrastructure for the security community.

ThreatIntel
Amphitheater 122