2^nd Global Vulnerability Reporting Summit

Vulnerability Information Systems

Summit Invitation

2nd Global Vulnerability Reporting Summit will be held in March 14-16, 2018 at NTT WEST (NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION) Training Center in Osaka, Japan.

This summit will consist of working sessions on a number of vulnerability information systems topics. The primary goal of the summit is to develop a global vision to improve multiple aspects of the vulnerability response lifecycle.

Who should attend?

Anybody that is developing, using, or considering standards, specifications, initiatives, or practices related to the following topics should attend the summit:

• Vulnerability identification, naming, and tracking
• Vulnerability data formats and information sharing
• Severity, priority, and threat assessment
• Inventory and software component transparency
• High-volume data management and automation
• Non-technical obstacles to vulnerability reporting and response

Those that wish to attend the summit should have practical experience and familiarity with one or more of these topics in order to participate meaningfully in the working sessions. To attend the summit, send this registration form to vrdx-sig-events@first.org. Also, for more details of Co-located Meeting: the Osaka 2018 FIRST TC, refer to the agenda.

• Registration form can be downloaded from here.
• Registration address: vrdx-sig-events@first.org

Please send questions, comments, or topic ideas to vrdx-sig-events@first.org.

Program Overview

Please note: the program schedule is not in its final version, adjustments will occur.

• Wednesday, March 14^th

  Summit Days (Room 4)

• Thursday, March 15^th

  Summit Days (Room 4)

• Friday, March 16^th

  Summit Days (Room 4)

• Initiatives
  • Special Interest Groups (SIGs)
    • SIGs Framework
    • Academic Security SIG
    • AI Security SIG
    • Automation SIG
    • Big Data SIG
    • Common Vulnerability Scoring System (CVSS-SIG)
      • Calculator
      • Specification Document
      • User Guide
      • Examples
      • Frequently Asked Questions
      • CVSS v4.0 Documentation & Resources
        • CVSS v4.0 Calculator
        • CVSS v4.0 Specification Document
        • CVSS v4.0 User Guide
        • CVSS v4.0 Examples
        • CVSS v4.0 FAQ
      • CVSS v3.1 Archive
        • CVSS v3.1 Calculator
        • CVSS v3.1 Specification Document
        • CVSS v3.1 User Guide
        • CVSS v3.1 Examples
        • CVSS v3.1 Calculator Use & Design
      • CVSS v3.0 Archive
        • CVSS v3.0 Calculator
        • CVSS v3.0 Specification Document
        • CVSS v3.0 User Guide
        • CVSS v3.0 Examples
        • CVSS v3.0 Calculator Use & Design
      • CVSS v2 Archive
        • CVSS v2 Complete Documentation
        • CVSS v2 History
        • CVSS-SIG team
        • SIG Meetings
        • Frequently Asked Questions
        • CVSS Adopters
        • CVSS Links
      • CVSS v1 Archive
        • Introduction to CVSS
        • Frequently Asked Questions
        • Complete CVSS v1 Guide
      • JSON & XML Data Representations
      • CVSS On-Line Training Course
      • Identity & logo usage
    • CSIRT Framework Development SIG
    • Cyber Insurance SIG
      • Cyber Insurance SIG Webinars
    • Cyber Threat Intelligence SIG
      • Curriculum
        • Introduction
        • Introduction to CTI as a General topic
        • Methods and Methodology
        • Priority Intelligence Requirement (PIR)
        • Source Evaluation and Information Reliability
        • Machine and Human Analysis Techniques (and Intelligence Cycle)
        • Threat Modelling
        • Training
        • Standards
        • Glossary
      • Webinars and Online Training
      • Building a CTI program and team
        • Program maturity stages
          • CTI Maturity model - Stage 1
          • CTI Maturity model - Stage 2
          • CTI Maturity model - Stage 3
        • Program Starter Kit
        • Resources and supporting materials
    • Digital Safety SIG
    • DNS Abuse SIG
      • Code of Conduct & Other Policies
      • Examples of DNS Abuse
    • Ethics SIG
      • Ethics for Incident Response Teams
    • Exploit Prediction Scoring System (EPSS)
      • The EPSS Model
      • Data and Statistics
      • User Guide
      • EPSS Research and Presentations
      • Frequently Asked Questions
      • Who is using EPSS?
      • Open-source EPSS Tools
      • API
      • Related Exploit Research
      • Blog
        • Understanding EPSS Probabilities and Percentiles
        • Log4Shell Use Case
        • Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities
      • Data Partners
    • FIRST Multi-Stakeholder Ransomware SIG
    • Human Factors in Security SIG
    • Industrial Control Systems SIG (ICS-SIG)
    • Information Exchange Policy SIG (IEP-SIG)
    • Information Sharing SIG
      • Malware Information Sharing Platform
    • Law Enforcement SIG
    • Malware Analysis SIG
      • Malware Analysis Framework
      • Malware Analysis Tools
    • Metrics SIG
      • Metrics SIG Webinars
    • NETSEC SIG
    • Passive DNS Exchange
    • PSIRT SIG
    • Red Team SIG
    • Retail and Consumer Packaged Goods (CPG) SIG
    • Security Lounge SIG
    • Threat Intel Coalition SIG
      • Membership Requirements and Veto Rules
    • Traffic Light Protocol (TLP-SIG)
    • Vulnerability Coordination
      • Multi-Party Vulnerability Coordination and Disclosure
      • Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure
    • Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)
      • Vulnerability Database Catalog
    • Women of FIRST
  • Internet Governance
  • IR Database
  • Fellowship Program
    • Application Form
  • Mentorship Program
  • IR Hall of Fame
    • Hall of Fame Inductees
  • Victim Notification
  • Volunteers at FIRST
    • FIRST Volunteers
    • Volunteer Contribution Record
  • Previous Activities
    • Best Practices Contest