Infosec.Pub

4,618 readers
150 users here now

To support infosec.pub, please consider donating through one of the following services:

Paypal: jerry@infosec.exchange

Ko-Fi: https://ko-fi.com/infosecexchange

Patreon: https://www.patreon.com/infosecexchange

founded 2 years ago
ADMINS
jerry
shellsharks
modbot
listing: all - local
search
1
4
Feedback open until 31 of August for CVSS 4.0 (www.first.org)
submitted 2 years ago by N7x to c/cybersecurity
0 comments fedilink
2
5
Feedback open until 31 of August for CVSS 4.0 (www.first.org)
submitted 2 years ago by N7x to c/appsec
2 comments fedilink
3
5
CVSS v4.0 Public Preview (www.first.org)
submitted 2 years ago by shellsharks to c/cybersecurity
0 comments fedilink
 
 

Where are my VM folks at? CVSS v4.0! Some takeaways reading the brief change list...

  • Emphasis that scoring is not just the Base metrics but in order to get an accurate score you need to consider temporal/environmental scores. Awesome and so true.
  • Attack Requirements (AT) seems useful given so much of what the "likelihood" of a successful attack is dependent on how likely it is for the attacker to meet all requirements.
  • Temporal renamed to "Threat metric". Don't like...
  • RL and RC deprecated. Good. Never liked those
  • More emphasis on OT vs IT which is great!

Thanks to @forgetful@infosec.exchange for tootin' about it!

view more: next ›