Many organizations use the Common Vulnerability Scoring System (CVSS) to prioritize actions during vulnerability management. This podcast—which highlights the latest work in prioritizing actions during vulnerability management—presents a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that avoids some problems with CVSS. SSVC takes the form of decision trees for different vulnerability management communities. During this podcast, CERT vulnerability researchers Eric Hatleback, Allen Householder, and Jonathan Spring discuss SSVC and also take audience members through a sample scoring vulnerability.
My Story in Computing with Sam Procter
Developing and Using a Software Bill of Materials Framework
The Importance of Diversity in Cybersecurity: Carol Ware
The Importance of Diversity in Software Engineering: Suzanne Miller
The Importance of Diversity in Artificial Intelligence: Violet Turri
Using Large Language Models in the National Security Realm
Atypical Applications of Agile and DevSecOps Principles
When Agile and Earned Value Management Collide: 7 Considerations for Successful Interaction
The Impact of Architecture on Cyber-Physical Systems Safety
ChatGPT and the Evolution of Large Language Models: A Deep Dive into 4 Transformative Case Studies
The Cybersecurity of Quantum Computing: 6 Areas of Research
User-Centric Metrics for Agile
The Product Manager’s Evolving Role in Software and Systems Development
Measuring the Trustworthiness of AI Systems
Actionable Data in the DevSecOps Pipeline
Insider Risk Management in the Post-Pandemic Workplace
An Agile Approach to Independent Verification and Validation
Zero Trust Architecture: Best Practices Observed in Industry
Automating Infrastructure as Code with Ansible and Molecule
Identifying and Preventing the Next SolarWinds
Create your
podcast in
minutes
It is Free