KMunro's picture

We were more than pleased to read a new report by John Pescatore of Gartner recommending that security managers adopt the use of the Common Vulnerability Scoring System (CVSS) to support more repeatable, fast-acting vulnerability management processes.

This recommendation backs up the decision made by our CTO, Chris Wysopal, more than a year ago to adopt the CVSS standard as a part of the Veracode rating system.

Another interesting recommendation in the report is: "Enterprises should ensure that processes are in place to detect, assess, and manage each software vulnerability class." You'll need a combination of static, dynamic and manual testing to do it all.

Gartner requires you to have a login to read the entire article.

On a side note, we are now linking to Technorati:
Technorati Profile
