NIST is receiving support to get the NVD and CVE processing back on track within the next few months.
The post NIST Getting Outside Help for National Vulnerability Database appeared first on SecurityWeek.
CVE and NVD – A Weak and Fractured Source of Vulnerability Truth
MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done?
The post CVE and NVD – A Weak and Fractured Source of Vulnerability Truth appeared first on SecurityWeek.
US Gov Says Software Measurability is ‘Hardest Problem to Solve’
White House calls for the “timely, complete, and consistent” publication of CVE and CWE data to help solve the security metrics problem.
The post US Gov Says Software Measurability is ‘Hardest Problem to Solve’ appeared first on SecurityWeek.