"Accurate CVSS Scoring in PCI ASV Scans" http://j.mp/165t6Ny
@thierryzoller that too, but his examples are just dead wrong. he hasn't read the CVSS specs.
-
-
@attritionorg : the specs are awefull as well, sorry. You just can't model reliably and consistently -
@thierryzoller right, @carsteneiram and I wrote an extensive critique of CVSS. that said, he still isn't following specs *at all* -
@attritionorg @carsteneiram agree, btw had a stab at it last year ago as well http://blog.zoller.lu/2012/03/cvss-common-vulnerability-scoring.html …#me_stabbed_first ;P -
@thierryzoller @carsteneiram Nice, you attack all of the elements we didn't. We focused on Base score only. -
@attritionorg thanks for the feedback , happy see it complements your work
End of conversation
New conversation -
-
-
@attritionorg@thierryzoller Hard-locking CVSS to PCI is an unholy union, and I want nothing to do with the deviant offspring. - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.