Open Source CVE Monitoring and Management
Open Source CVE Monitoring and Management
Presented by:
Akshay Bhat
Director of Engineering, Security Solutions
Embedded Linux Conference North America 2019 August 21, 2019
?2019 Timesys Corp.
2 Agenda
Introduction to CVE ? Monitoring techniques
Prioritizing CVE Strategy for CVE fixes Quality of CVE data and tools Best practices, mitigation strategies
3 CVE what?
Common Vulnerabilities and Exposures ? List of entries of publicly known cybersecurity vulnerabilities
Does not cover silent "bug" fixes or undiscovered vulnerabilities
Publicly available in the form of feeds ? Mitre ? National Vulnerability Database (NVD)
? Additional metadata
Undiscovered vulnerabilities
Vulnerabilities not in CVE dictionary
Vulnerabilities in CVE
dictionary
* not to scale
4 How much does security mean to you?
Tools + manual analysis of
CVEs in feed
CVE feeds, security bulletins, issue
trackers, mailing lists
Static analysis, fuzzers
Monitoring Effort
Open source tools to monitor
CVE
Commercial security tools
(More) Secure
5 The CVE challenge -- growing vulnerabilities
2018: 16555
Image source:
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- open source is growing with people from all types of
- airship a new open infrastructure project for openstack
- software development methodologies
- open source cve monitoring and management
- project management handbook textbook equity
- project management software ganttproject for beginners
- development of a project management
- open source tools for records management archives
- project laika software design document
- project mcecs projects
Related searches
- open source content management system
- open source project management software
- open source project management software 2019
- open source project management online
- open source project management tool
- open source inventory management software
- open source project management web
- open source project management tools
- open source task management tool
- open source task management system
- open source ticket management software
- open source task management software