Chapter 6. Knowledge of vulnerabilities as an element of cybersecurity argument
This chapter explores vulnerability detection, which is often considered a dominant component of system assurance. The focus is on detecting off-the-shelf vulnerabilities, the corresponding information exchanges, the markets for vulnerability knowledge, and the vulnerability detection ecosystem built around the NIST Security Content Automation Protocol (SCAP) standards. Vulnerability databases and ways of transforming vulnerability knowledge into machine-readable content are described. We describe the organization of two vulnerability databases and demonstrate how this knowledge can be added to the integrated system model.
vulnerability, vulnerability ...