|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Tool Mapping Update
All: Just as an update, Dave and I are still looking into the appropriate way to provide vendors with mappings for their own tools. Resolving that issue is our biggest priority at the moment, and we are trying to get rapid answers to facilitate this. If anyone has a problem with MITRE providing a vendor with a mapping for their tool *only* (with some restrictions to prevent possible "abuse" of those mappings), then please speak up now, as we hope to get this issue resolved in the next few days. For anyone who's maintaining a database, note that there is an advanced search script that is more effective than the script I provided you in the initial CVE distribution. This search script takes in a list of vulnerability descriptions (one per line) and prints the N best matches for that input text, using weighted keywords. It is usually very effective (printing the correct match as a #1 or #2 choice, usually) and could reduce the amount of work to create an initial mapping down to a few hours. An alternate approach would be to provide everyone with this script so they can use it on their own tools. - Steve
|
||||
