[Owasp-modsecurity-core-rule-set] Software Vulnerability Mitigation Automation - IVIL v1.0

Jerome Athias jerome at netpeas.com
Thu Feb 16 01:17:08 UTC 2012


As mentioned in the U.S. "INTERNATIONAL STRATEGY FOR CYBERSPACE"[1] 
document,
we need "interoperable and secure technical standards, determined by 
technical experts".

I would like to introduce my vision of "Software Vulnerability 
Mitigation Automation"
via IVIL v1.0 via a (incomplete) Conceptual Map.

Requirements: ~15 minutes of your time, a headset and the Boléro

https://corevidence.com/research/vulnerability_interoperability_ivil_v1.jpg

(I extracted some links, please see below)



i = x2ivil + ivil2x
where "i" is interoperability and "x" a software (vulnerability 
scanner,... + waf, virtual patching system, ...)

What do you think?

Thank you.
Best regards,

Jerome Athias - NETpeas
VP, Director of Software Engineer
Palo Alto - Paris - Casablanca
http://www.netpeas.com

"The computer security is an art form. It's the ultimate martial art."



[1] 
http://www.whitehouse.gov/blog/2011/05/16/launching-us-international-strategy-cyberspace 

IVIL-XML 
http://www.cupfighter.net/index.php/2010/10/ivil-an-xml-schema-to-exchange-vulnerability-information/ 

ThreadFix http://code.google.com/p/threadfix/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20120216/55e46e2c/attachment.html>


More information about the Owasp-modsecurity-core-rule-set mailing list