Chapter 7. Vulnerability patterns as a new assurance content
standard protocol for exchanging system facts
knowledge discovery metamodel
Common Weakness Enumeration (CWE)
The NIST SCAP Ecosystem successfully addresses the exchange of knowledge for managing known vulnerabilities in commercial off-the-shelf software products. A larger assurance ecosystem, beyond the current SCAP, has to involve machine-readable vulnerability patterns as content that code analysis tools and web scanning tools can consume.
In order for cybersecurity knowledge to be systematically collected and accumulated, it should be unlocked from the tools and distributed from the few ...