[Owasp-singapore] Vulnerability scoring system (or threat rating system)

Christian Heinrich christian.heinrich at owasp.org
Thu Aug 20 04:25:14 EDT 2009


Ruel,

Have you considered the Common Vulnerability Scoring System (CVSS)?  It is
published at http://www.first.org/cvss/


On Thu, Aug 20, 2009 at 6:11 PM, spawn of soul calibur
<ruel555 at hotmail.com>wrote:

>  Hi Security Gurus,
>
> Here I am again asking for some advise. And Im sure this is not the last,
> so I hope you dont get fed up with me. ;-p
>
> Do you know of any simplest way to score application vulnerability (or
> threat rating system, or whatever you call them)?
>
> Basically, I am doing a security assessment of an in-house application (not
> web-based). I have discovered a few vulnerabilities. But now, I want to rank
> the vulnerabilities so that we can prioritize which one needs to be fixed
> first.
>
> Thanks a lot!
>
> Regards,
> Ruel
>
> ------------------------------
> Be seen with Buddy! Tag your picture and win exciting prizes! Click here<http://discover.windowslive.com/en-sg/messenger/messengeris10/#/be-seen-with-buddy>
>
> _______________________________________________
> Owasp-singapore mailing list
> Owasp-singapore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-singapore
>
>


-- 
Regards,
Christian Heinrich - http://sn.im/cmlh_linkedin_profile
OWASP "Google Hacking" Project Lead - http://sn.im/owasp_google_hacking
Speaking Schedule at http://sn.im/cmlh_speaking_schedule
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20090820/1e427cc9/attachment.html 


More information about the Owasp-singapore mailing list