Lead Security Researcher, SpiderLabs
Trustwave | SMART SECURITY ON DEMAND
For passive Vulnerability Identification (modsecurity_crs_56_pvi_checks.conf), Mod-security needs a file named vulnerabilities.txt from osvdb.
But the osvdb.org will no longer publish such a file ("as they said"). Does this mean that I can't have PVI checks?
P.S. I wasn't using PVI checks before, so I don't have any versions of the vulnerabilities.txt file.--