Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

FIRST releases General vulnerability scoring system version 4.0

2025-01-16 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > IT Information >

Share

Shulou(Shulou.com)11/24 Report--

CTOnews.com November 2 News, incident response and Security team Forum (FIRST) today officially launched the CVSS 4.0 generic vulnerability scoring system, eight years after the 3.0 (last major version).

CTOnews.com Note: CVSS (Common Vulnerability Scoring System) is a standardized method for measuring the severity of software vulnerabilities, which scores vulnerabilities by multiple dimensions (such as attack complexity, scope of impact, etc.), thus providing a quantitative risk assessment tool for enterprises and organizations.

FIRST says:

The revised standard provides consumers with more refined basic indicators, eliminates the fuzziness of downstream scores, simplifies threat indicators, and improves the effectiveness of evaluating specific environmental safety requirements and compensation control.

In addition, several additional indicators for vulnerability assessment have been added, including automation (wormable), recovery (resiliency), value density, vulnerability response efforts, and provider urgency.

A key enhancement of CVSS v4.0 is the additional applicability to OT / ICS / IoT, adding safety metrics and values to supplementary and environmental indicator groups.

The new version also adds new naming methods, including Base (CVSS-B), Base + Threat (CVSS-BT), Base + Environmental (CVSS-BE), and Base + Threat + Environmental (CVSS-BTE).

Chris Gibson, CEO of FIRST, said:

The CVSS system has grown rapidly over the past 18 years, and each version is based on our ability to resist cybercrime. I am extremely proud of CVSS-SIG 's hard work and dedication to making version 4. 0.

As a membership organization, our goal is to empower our members and industries, demonstrate leadership, and ensure that we are committed to constantly improving the way we work together to protect people around the world from cyber attacks.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Vulnerabilities metrics versions scores security evaluation systems methods standards environment networks work attacks complexity effectiveness urgency pride continuity severity membership vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple Huawei Shulou Technology Linux Microsoft MySQL Shulou Tech Info Apple NVidia Redmi OPPO Reno macOS MariaDB Docker vpn Shulou Information Xiaomi Huawei Shulou Technology Linux Microsoft MySQL Shulou Tech Info Apple NVidia Redmi OPPO Reno macOS MariaDB Docker vpn Shulou Information Xiaomi

Share To

Related

IT Information

More IT Information >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report