Shostack + Friends Blog Archive


Common Vulnerability Scoring System

At RSA, Mike Schiffman presented a Common Vulnerability Scoring System. Brian Erdelyi has taken that, and made a web page to generate numbers. It’s at SecurityHive. (The page requires Javascript be turned on to function.)

One comment on "Common Vulnerability Scoring System"

  • CVSS

    Adam Shostack points to the Common Vulnerability Scoring System (CVSS): Over the past several years, a number of large computer security vendors and not-for-profit organizations have developed, promoted, and implemented procedures to rank information s…

Comments are closed.