|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] CD PROPOSAL: SYSCON (Interim Decision 8/24)
Please vote on this pervasive content decision using the space provided below. This content decision is scheduled for Interim Decision on August 24. - Steve Content Decision: SYSCON (System Administrator Consideration) ------------------------------------------------------------- VOTE: (Member may vote ACCEPT, MODIFY, REJECT, or NOOP.) Short Description ----------------- All content decisions and individual CVE vulnerabilities must be considered in light of system administrators and security analysts, who are the ultimate beneficiaries of the CVE. Rationale --------- Security tools (such as assessment tools and IDSes), vulnerability databases, and academic research all have an ultimate goal of helping an enterprise to make itself more secure from attack. Within the enterprise, system administrators and security analysts are the individuals who perform the bulk of the work involved in securing systems - applying patches, conducting assessments, keeping current with new vulnerabilities, etc. One of the goals of the CVE is to facilitate data sharing among security tools and databases. Therefore, its content decisions and individual vulnerability entries should consider the impact and usage to system administrators and security analysts, despite the expectation that they might not use the CVE directly itself.
|
||||
