OASIS Common Security Advisory Framework (CSAF) Update: CERT Vendor Meeting

Post on 12-Apr-2017


OASIS Common Security Advisory Framework (CSAF) Technical Committee Update

CERT VENDOR MEETING

FEBRUARY 13, 2017

Agenda

Introduction to the OASIS Common Security Advisory Framework (CSAF) Technical Committee.

Transition of the Common Vulnerability Reporting Framework (CVRF) to OASIS.

CVRF version 1.2 Update.

CSAF Roadmap.

Q&A

Introduction to CSAF

The OASIS CSAF Technical Committee is chartered to make a major revision to the Common Vulnerability Reporting Framework (CVRF) under a new name for the framework that reflects the primary purpose: a Common Security Advisory Framework (CSAF).

TC deliverables are designed to standardize existing practice in structured machine-readable vulnerability-related advisories and further refine those standards over time.

https://www.oasis-open.org/committees/csaf

58 MEMBERS IN LESS THAN 3 MONTHS!

http://www.icasi.org/icasi-transfers-development-of-security-open-standard-to-oasis

https://www.oasis-open.org/news/pr/oasis-advances-standard-for-automated-disclosure-of-cybersecurity-vulnerability-issues

ICASI OASIS

CSAF ROADMAP

Nov 2016: CSAF Inaugural Call.

Jan 2017: CVRF 1.2 contributions to support CVSSv3. Launched CSAF Sandbox.

Mar 2017: CVRF 1.2 Release.

Apr 2017: CSAF (aka CVRF 2.0) work starts: SWID support; supporting different formats (JSON, XML, etc.); making it extensible; other.

Major Revision: The goal is to have a major revision of the standard within 18 months of TC creation.

GITHUB

A collaborative environment for the community to propose and develop experimental capabilities in the CSAF specification.

MODERN ENVIRONMENT

Major contributions are expected from TC members, but everyone is invited to contribute and provide feedback.

OPEN TO EVERYONE

https://github.com/oasis-tcs/csaf

SANDBOX

A collaborative environment for the community to propose and develop experimental capabilities in the CSAF specification.

CSAF SANDBOX

Including support for CVSSv3.

CVRF 1.2 PREVIEW

https://github.com/oasis-tcs/csaf

JIRA

Follow process of action items and contributions.

OPEN TO EVERYONE

Tracker for action items (tasks) and issues of OASIS CSAF TC

ISSUE TRACKING

https://issues.oasis-open.org/browse/CSAF

Thank you!

Get Involved!
