Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Getting CVSS, NVD, and CVEs to Work for You - Standardizing and Scaling Your Vulnerability Risk Analysis

BSidesLV via YouTube

Overview

Explore a comprehensive analysis of vulnerability risk assessment in this 24-minute conference talk from BSidesLV 2019. Delve into the world of Common Vulnerability Exposures (CVEs), Common Vulnerability Scoring System (CVSS), and the National Vulnerability Database (NVD) to standardize and scale your organization's approach to vulnerability risk. Learn about stakeholder involvement, the importance of CVSS, and how to implement these tools effectively. Examine practical examples, including Base Score, Temporal Score, and Environmental Score components, as well as additional mitigations. Discover useful visualizations and understand the limitations of these systems. Conclude with a summary and audience Q&A session to solidify your understanding of vulnerability risk analysis techniques.

Syllabus

Introduction
Disclaimer
Common Vulnerability Exposures
Stakeholders
Why are we using CSS
How do we get there
Example
Bass Score
Temporal Score
Environmental Score
Environmental Score Components
Additional Mitigations
Visualizations
Limitations
Summary
Audience Questions

Taught by

BSidesLV

Reviews

Start your review of Getting CVSS, NVD, and CVEs to Work for You - Standardizing and Scaling Your Vulnerability Risk Analysis

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.