Improving the Common Vulnerability Scoring System

October 3, 2019 • Podcast

By

Jonathan Spring, Art Manion, and Deana Shick

Art Manion, Deana Shick, and Jonathan Spring discuss a 2019 paper that outlines challenges with the Common Vulnerability Scoring System (CVSS) and proposes changes to improve it.

Publisher

Software Engineering Institute

Topic or Tag

Listen

Watch

Abstract

Art Manion, Deana Shick, and Jonathan Spring a 2019 paper that outlines challenges with the Common Vulnerability Scoring System (CVSS) and proposes changes to improve it.

Details on their proposed new system, the Stakeholder-specific Vulnerability Categorization, are available at https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=653459.

About the Speaker

Jonathan Spring

Jonathan Spring is an SEI alumni employee.

Jonathan Spring is a senior member of the technical staff with the CERT division of the Software Engineering Institute (SEI) at Carnegie Mellon University. Spring began working at the SEI in 2009. Prior posts include adjunct professor at the University of Pittsburgh’s School …

Art Manion

Art Manion is an SEI alumni employee.

Art Manion is a senior member of the Vulnerability Analysis team in the CERT Program at the Software Engineering Institute (SEI), Carnegie Mellon University. Since joining CERT in 2001, Manion has studied vulnerabilities, coordinated disclosure efforts, and published advisories, alerts, and vulnerability notes …

Software Engineering Institute