[ISN] Security vulnerability reporting framework upgraded for researchers

From: InfoSec News (alertsinfosecnews.org)
Date: Wed May 23 2012 - 06:34:22 CDT


http://news.techworld.com/security/3359074/security-vulnerability-reporting-framework-upgraded-for-researchers/

By John E Dunn
Techworld
21 May 2012

The security industry’s Common Vulnerability Reporting Framework (CVRF)
for reporting and sharing security vulnerabilities in a
machine-readable format has been given a promised revamp to make it
easier to use for third-party researchers.

Managed by the industry body, the Industry Consortium for Advancement of
Security on the Internet (ICASI), version 1.1 features a new hierarchy
for defining products as well as tweaks to ensure that the data entered
into it in XML format is less vendor-centric.

It also debuts a range of smaller changes that iron out the pitfalls of
version 1.0, released a year ago to allow vendors and enterprises to
receive vulnerability data in an automated, standardised way. It
replaced a multitude of formats used by individual companies.

That work continues with 1.1 being presented as another step to
vendor-independent standardisation, the lack of which had risked
shutting out anyone not acquainted with each approach, mostly
independent researchers.

[...]
