Yes, this is the one that I was thinking of.
I agree that going further than that would make things too confusing.
The nice thing about this is that it provides standard language that could
result in a Q segment that allows users to be prompted for the threat
level based on likelihood.
At some
On 6/18/19 3:45 PM, Trevor Vaughan wrote:
At some point, these should probably be changed to correlate with the
Vulnerability Severity Assessment Scale as outlined in the NIST 800-30
since it is well defined, a public standard at no cost, and 0-100
which lines up with most people's internal
On 6/7/19 5:02 AM, harshad wadkar wrote:
Respected Madam / Sir,
I am referring the following url to know about open-scap and Ubuntu
secure configuration.
https://static.open-scap.org/ssg-guides/ssg-ubuntu1604-guide-anssi_np_nt28_average.html
I have one query :
1. At present, the severities
Respected Madam / Sir,
I am referring the following url to know about open-scap and Ubuntu secure
configuration.
https://static.open-scap.org/ssg-guides/ssg-ubuntu1604-guide-anssi_np_nt28_average.html
I have one query :
1. At present, the severities are labelled as unknown, low, medium and high.