Environmental Aware Vulnerability Scoring Article Swipe

View

Related Concepts

Vulnerability (computing) Computer science Vulnerability assessment Computer security Medicine Psychological intervention Psychiatry

Andreas Eitel ·

YOU? · · 2020 · Open Access · · DOI: https://doi.org/10.5220/0009839104780485 · OA: W3026229928

When assessing the CVSS value of a vulnerability, the Environmental Metrics are often ignored. There are several reasons for this. However, this score is essential for the prioritization of vulnerabilities. The author proposes an approach that should generate the environmental score systematically and highly automated. For this purpose, various information about the systems and the network is needed, which should be managed in a model. An algorithm uses the linked information to automatically determine the Environmental Metrics. Experts without a security background should thus be able to determine this score in the same way as experts. The results should also be repeatable and independent of the evaluator.