|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [COMPAT] Draft NIST Recommendation for CVE-Compatible Products
The draft NIST recommendation for the usage of CVE-compatible products is available for commentary by February 18. See http://csrc.nist.gov/publications/drafts.html The draft NIST recommendation "Use of the CVE Vulnerability Naming Scheme Within its Acquired Products and Information Technology Security Procedures" advises agencies on the use of the Common Vulnerability and Exposures (CVE) vulnerability naming scheme. It recommends that agencies give substantial consideration to buying products and services compatible with the CVE naming scheme. The recommendation also advises agencies to periodically monitor their systems for vulnerabilities listed in the CVE vulnerability naming scheme. Agencies are also advised to use the CVE naming scheme in their communications and descriptions of vulnerabilities. You are invited to submit any comments you may have to both Peter Mell and Timothy Grance at peter.mell@nist.gov and timothy.grance@nist.gov by February 18, 2002. - Steve
|
||||
