Pitfalls of Vulnerability Rating and a New Approach Called ERRS

Explore a comprehensive conference talk on vulnerability rating challenges and the innovative ERRS approach. Delve into the limitations of current vulnerability databases and scoring systems like CBSS. Learn about the ERRS formula, its characteristics, and how it addresses common pitfalls in vulnerability assessment. Discover the importance of factors such as availability, proof of concept, and target distribution in prioritizing security risks. Gain insights into design goals, impact assessment, and environmental considerations for more effective vulnerability management. Witness a demonstration of the ERRS system and understand how it can revolutionize the way organizations prioritize and address security vulnerabilities.

Introduction
Agenda
Vulnerability database
Lack of resources
CBSS
Formula
Characteristics
Demo
Suggestions
Availability
Proof of Concept
Secret Service
Report Confidence
Target Distribution
Design Goals
Prioritization
Impact
Environment
Weight Factor
ERRS Demo