The Common Vulnerability Scoring System: Get your threat priorities right
Over the years, I’ve seen and used a diverse range of methods to evaluate and explain the risks associated with a particular security threat or vulnerability. Depending on the audience and the nature of the environment being evaluated, there has always been – and always will be – a frequent need to reclassify the severity of a finding. This is particularly relevant when making use of findings derived from automated security tools.
Mar 6 2006 7:04PM