Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Nessus Risk Rating Discussion Part Trois - CVSS

from [Yeomans, Andrew] Network Security [Permanent Link]
Subject: Nessus Risk Rating Discussion Part Trois - CVSS
Date: Tue, 22 Feb 2005 09:37:27 -0000 
There's been an interesting announcement at the RSA Conference for CVSS, the
Common Vulnerability Scoring System.

Many of the main vendors have agreed a scoring system, which will help
prioritize vulnerabilities. Tantalisingly brief details are given ion 
http://www.newscientist.com/article.ns?id=dn7040 or
http://www.infoworld.com/article/05/02/18/HNvulnerabilityrating_1.html

I've found very little real detail elsewhere, though Qualys have included
support in their product roadmap.

This might put pressure on Nessus to conform, at least when (if?) CVSS turns
from a press announcement to something real. 

Andrew Yeomans (Andrew.Yeomans@drkw.com)
Global Information Security, Dresdner Kleinwort Wasserstein





--------------------------------------------------------------------------------
The information contained herein is confidential and is intended solely for the
addressee. Access by any other party is unauthorised without the express 
written permission of the sender. If you are not the intended recipient, please 
contact the sender either via the company switchboard on +44 (0)20 7623 8000, or
via e-mail return. If you have received this e-mail in error or wish to read our
e-mail disclaimer statement and monitoring policy, please refer to 
http://www.drkw.com/disc/email/ or contact the sender. 3166
--------------------------------------------------------------------------------

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Mapping between plugin id's and CVE-ID and bugtraq id's, Raghunandan
Next by Date:  Re: Mapping between plugin id's and CVE-ID and bugtraq id's, Javier Fernandez-Sanguino
Previous by Thread:  Mapping between plugin id's and CVE-ID and bugtraq id's, Raghunandan
Next by Thread:  Re: Nessus Risk Rating Discussion Part Trois - CVSS, Renaud Deraison
Indexes:  [Date] [Thread] [Top] [All Lists]