Administrivia: Eric Cole has joined the Editorial Board
Eric Cole of Vista Information Technologies (firstname.lastname@example.org)
has joined the CVE Editorial Board. As an end user of commercial
security products, Eric helps to fill a gap in Board membership. His
knowledge of Microsoft products will provide additional expertise
which should help to reduce or eliminate the current Unix bias in CVE.
His CISSP certification and participation in the SANS LevelOne program
will help to determine the role of CVE in the certification of
security professionals. He provided significant assistance in folding
CVE into ID'Net at the recent SANS Network Security conference in New
Following is a recommendation from Steve Northcutt:
>Eric Cole leads the SANS exploit tools team. Using a variety of
>information sources, their job is to determine the exploits most often
>used to successfully attack computers and networks. They then capture
>the exploit in the wild and document how it works, its signature on
>the system or network and how to close the hole. This project, called
>the NoteBook, is aimed at providing full disclosure, practical
>information to system defenders. Early in the project, Eric realized
>the need for a method of characterizing and classifying the attacks.
>He found CVE to be the best approach and directed the team to
>prioritize CVE candidates and if an exploit meeting the team's
>criteria was not in the CVE, to submit it as a possible candidate.
And here is a short bio:
>Eric Cole has worked in the information security arena for over 10
>years. He has the following certifications: CISSP (Certified
>Information Systems Security Professional) and MCSE (Microsoft
>Certified Systems Engineer). Eric has a BS and MS in Computer Science
>from New York Institute of Technology and is finishing up his Ph.D. in
>network security, emphasizing in Intrusion Detection and Steganography
>from George Mason University. He has extensive experience with all
>aspects of information security.
>Eric is currently Director of Enterprise Security for Vista
>Information Technologies. He also created and headed up Teligent's
>corporate security department and worked for over 5 years at the
>Central Intelligence Agency performing various security work. He was
>an adjunct professor at New York Institute of Technology and is
>currently an adjunct professor at Georgetown University.
Welcome aboard, Eric!