Charles G. Yarbrough
CERT
Publications by Charles G. Yarbrough
-
Coordinated Vulnerability Disclosure User Stories
August 25, 2022 • White Paper
Brad RunyonEric HatlebackAllen D. Householder
This paper provides user stories to guide the development of a technical protocol and application programming interface for Coordinated Vulnerability Disclosure.
read -
Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization (Version 2.0)
April 30, 2021 • White Paper
Jonathan SpringAllen D. HouseholderEric Hatleback
This paper presents version 2.0 of a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that takes the form of decision trees and that avoids some problems with the Common Vulnerability Scoring System (CVSS).
read