Sign up to save your podcasts
Or
Share The Value of Assigning CVEs
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Value of Assigning CVEs
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about how and why CVEs are assigned, the value of CVEs in vulnerability management, responsible coordination of vulnerability disclosures, the importance of comprehensiveness in security advisories, and why there is no stigma in a CVE. CVE Numbering Authority (CNA) scopes, disclosure policies, turnaround times, and more are discussed in general, as are GitHub’s specific CNA processes and how it helps open-source projects hosted on GitHub with their CVEs and advisories.
Madison also writes about many of these topics in her blog article, Removing the Stigma of a CVE, on the GitHub Blog.
View all episodes
By CVE Program
5
22 ratings
Shannon Sabens of CrowdStrike chats with Madison Oliver of GitHub Security Lab about how and why CVEs are assigned, the value of CVEs in vulnerability management, responsible coordination of vulnerability disclosures, the importance of comprehensiveness in security advisories, and why there is no stigma in a CVE. CVE Numbering Authority (CNA) scopes, disclosure policies, turnaround times, and more are discussed in general, as are GitHub’s specific CNA processes and how it helps open-source projects hosted on GitHub with their CVEs and advisories.
Madison also writes about many of these topics in her blog article, Removing the Stigma of a CVE, on the GitHub Blog.
More shows like We Speak CVE
View all
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
634 Listeners