O'Reilly logo

System Assurance by Djenana Campara, Nikolai Mansourov

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 7. Vulnerability patterns as a new assurance content
Keywords
Keywords vulnerability
vulnerability pattern
standard protocol for exchanging system facts
knowledge discovery metamodel
Common Weakness Enumeration (CWE)
Abstract
The NIST SCAP Ecosystem successfully addresses the exchanges of knowledge for vulnerability management for the known vulnerabilities in commercial off-the-shelf software products. A larger ecosystem for assurance beyond the current SCAP has to involve machine-readable vulnerability patterns as content that can be consumed by code analysis tools and web scanning tools.
In order for cybersecurity knowledge to be systematically collected and accumulated, it should be unlocked from the tools and distributed from the few ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required