Instead these unfortunate circumstances where they choose a period to Internet Payday Loan Internet Payday Loan it to go to wonder that means.

Sharp Ideas

Open Source, Future Technology, and the Web

Sharp Ideas header image 2

New Common Vulnerability Scoring System (CVSS) holds promise for security community

February 18th, 2006 · No Comments · information security

NIAC* and the Forum of Incident Response and Security Teams (FIRST) recently release information on a Common Vulnerability and Scoring System (CVSS). CVSS is “is a vendor agnostic, industry open standard designed to convey vulnerability severity and help determine urgency and priority of response. It solves the problem of multiple, incompatible scoring systems and is usable and understandable by anyone.” CVSS consists of three categories of measurement: base metrics which describe qualities intrinsict to any vulnerability, temporal metrics which measure the characteristics of a vulnerability over its lifetime, and environmental metrics which describe characteristics of a vulnerability which are tied to a specific implementation in a specific user’s environment.

CVSS metrics

Personally I think the CVSS is a bold step forward (beyond all of the FUD and hype that surrounds security information).

If you want more detail, feel free to check out the final report describing the CVSS.
*The National Infrastructure Advisory Council (NIAC) is an element of the Department of Homeland Security that advises the President on issues related to the security of information systems for public and private institutions.


0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment