Newsroom


Subscribe via RSS

RDF Site Summary (RSS) is a lightweight multipurpose extensible metadata description and syndication format.

RSS 2.0

FIRST Announces Call for Participants and Subjects for version 3 of the Common Vulnerability Scoring System (CVSS)

FIRST Announces Call for Participants and Subjects for version 3 of the Common Vulnerability Scoring System (CVSS)

The Forum of Incident Response and Security Teams (FIRST) today publicly announced its Call for Participants for the core group of members on the Common Vulnerability Scoring System Special Interest Group.

CVSS is a vulnerability scoring system designed to provide an open and standardized method for rating IT vulnerabilities. CVSS helps organizations prioritize and coordinate a joint response to security vulnerabilities by communicating the base, temporal and environmental properties of a vulnerability.

In order to ensure a widely accepted standard, the Special Interest Group within FIRST is inviting participants with an interest in contributing to the standard. Participants from various constituencies, including Finance, Healthcare, Government, Education, Manufacturing and Retail, Communications, Information Technology, Security Research and Response teams, Energy and Transportation, are invited to apply for membership. They will be expected to represent the points of view of their respective constituency in the wider group.

Interested parties are invited to contact seth@first.org for additional information and to make the Special Interest Group aware of their interest in participation. The Call for Participants period for CVSS version 3 SIG begins March 16 and will end May 4.

Parties interested in directly participating in the development of the standard can do so in either of two ways: by answering the Call for Participants or the Call for Subjects.

More information about these calls for assistance is available on the FIRST web site.

Call for Participants: first-press-release-20120322.pdf
Call for Subjects: http://www.first.org/newsroom/releases/20120411

About CVSS

CVSS is a vulnerability scoring system designed to provide an open and standardized method for rating IT vulnerabilities. CVSS helps organizations prioritize and coordinate a joint response to security vulnerabilities by communicating the base, temporal and environmental properties of a vulnerability. For additional information on CVSS v2, please see http://www.first.org/cvss and http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2. FIRST sponsors and supports the CVSS-SIG, a diverse group of security professionals who have a keen interest in security vulnerabilities and use CVSS in their daily work.

About FIRST

Founded in 1990, FIRST consists of internet emergency response teams from more than 250 corporations, government bodies, universities and other institutions from the Americas, Asia, Europe, Africa and Oceania. It leads the world's fight-back against cyber-crime, sabotage and terrorism, and promotes cooperation among computer security incident response teams and law enforcement agencies. For more information, visit www.first.org

Please download the full release at first-press-release-20120322.pdf

March 22, 2012 10:54 GMT+01