Getting CVSS, NVD, and CVEs to Work for You - Standardizing and Scaling Your Vulnerability Risk Analysis
Offered By: BSidesLV via YouTube
Course Description
Overview
Explore a comprehensive analysis of vulnerability risk assessment in this 24-minute conference talk from BSidesLV 2019. Delve into the world of Common Vulnerability Exposures (CVEs), Common Vulnerability Scoring System (CVSS), and the National Vulnerability Database (NVD) to standardize and scale your organization's approach to vulnerability risk. Learn about stakeholder involvement, the importance of CVSS, and how to implement these tools effectively. Examine practical examples, including Base Score, Temporal Score, and Environmental Score components, as well as additional mitigations. Discover useful visualizations and understand the limitations of these systems. Conclude with a summary and audience Q&A session to solidify your understanding of vulnerability risk analysis techniques.
Syllabus
Introduction
Disclaimer
Common Vulnerability Exposures
Stakeholders
Why are we using CSS
How do we get there
Example
Bass Score
Temporal Score
Environmental Score
Environmental Score Components
Additional Mitigations
Visualizations
Limitations
Summary
Audience Questions
Taught by
BSidesLV
Related Courses
Early Detection through DeceptionYouTube Hack for Show, Report for Dough - Brian King
YouTube Blue Teamin on a Budget of Zero - Kyle Bubp
YouTube Windows Event Logs - Zero to Hero
YouTube Weaponizing Splunk - Using Blue Team Tools for Evil
YouTube