Vulntology - A Methodology to Characterize Vulnerabilities with Granular and Intuitive Structure

Explore a comprehensive methodology for characterizing vulnerabilities in this 45-minute conference talk by Christopher Turner from the National Institute of Standards and Technology. Delve into the Vulntology framework, which offers a granular and intuitive structure for understanding and classifying security vulnerabilities. Learn about the challenges posed by language barriers and structural changes in vulnerability descriptions. Examine key components of the methodology, including the Vulnerability Object, Vulnerability Identifier Object, Scenario Object, Product Object, Barrier Object, Action Object, and Impact Object. Gain insights into both single and multiple scenario applications of Vulntology. Conclude with a recap of the presented concepts, equipping yourself with a powerful tool for enhancing cybersecurity practices and communication.