We have come a long way. The GDI foundation was originally founded in December 2015 and kicked off 2016 with PROJECT366. In 2017 we grew in numbers with volunteers and members dealing with the victims of huge ransack attacks on open databases systems and the fallout of Eternalblue. Thanks to our volunteers we could help big Digital Service Providers, Internet Service providers but also huge brands, banks, and financial services, defensive industries, cable and telecommunications, food retailing, healthcare, and companies involved in the distribution of clothes, food, and energy protecting their operations by finding easy to find weaknesses in their external systems.
Currently we are are actively tracking over 33 and half million detected vulnerabilities in the world. And on 1 September 2018, we have reported over a half million vulnerabilities in only eight months of 2018. As far as we know, there is no other (non)-profit organization in the world who has such results. The GDI.foundation did more Responsible Disclosures than all the big known bug bounty programs in the world combined.
Although we are increasing in numbers in all aspects, we need to start adding more depth. At this moment the GDI.foundation can be described as a very AD HOC organization. Although our mission is straightforward and clear. Our operational “excellence” and our non-critical additional things (like our website, twitter etc.) is not up to par. And we need more people on board (as in board members who can help bring focus and depth in all areas of the GDI.foundation.
The organisation will expand to six pillars [divisions] which will help achieve our main goal of handling vulnerabilities. In 2019 the GDI.foundation will start providing Unique Intelligence and Human Validated OSINT to trusted partners.
Every pillar [division] will have their own board member to help speed up internal decision making.
Our goal for 2019 is to move our ad hoc approach to more advanced incident handling with our new GCERT as we trying to raise the bar to become an international trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs even better as we did before. Link: https://gcert.global/
A few of our projects will be made open source. As a non-profit organization which is driven by volunteers, we firmly believe in the collective power of a community of talented individuals working together delivers not only more ideas but quicker development and troubleshooting when issues arise. This is why moved our PROJECTS directly to Github. We want to provide more transparency on how GDI.foundation works and invite others to contribute to our mission. To achieve this goal contributor will get full visibility into the code base, as well as all the proposals, issues and bugs.
The research division will increase the amount of security research to vulnerabilities and their global spreading in 2019. Which will be an important source for the new PROJECTS which take off soon.