RE: CVE Information Sources & Scope

To: "Williams, James K" <James.Williams@ca.com>, cve-editorial-board-list<cve-editorial-board-list@LISTS.MITRE.ORG>
Subject: RE: CVE Information Sources & Scope
From: "Mann, Dave" <damann@mitre.org>
Date: Wed, 5 Oct 2011 12:20:56 -0400
Accept-Language: en-US
acceptlanguage: en-US
Delivery-Date: Wed Oct 5 12:21:18 2011
In-Reply-To: <ED311CBEE6993C428563DEDF6D083BC801CF15@usilms113b.ca.com>
List-Help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
List-Owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
List-Subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
List-Unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
References: <3FF9F74E63A7484EB3B88F04329CBEDC04448126E0@IMCMBX1.MITRE.ORG> <4E8B482F.2090602@cert.org> <ED311CBEE6993C428563DEDF6D083BC801CEAB@usilms113b.ca.com> <ED311CBEE6993C428563DEDF6D083BC801CF15@usilms113b.ca.com>
Sender: <owner-cve-editorial-board-list@LISTS.MITRE.ORG>
Thread-Index: AQHMgr6TpbdY+fwsQ3q+w22wYsQdkJVseVKggAAHGHCAAW038A==
Thread-Topic: CVE Information Sources & Scope

>editorial-board-list@lists.mitre.org] On Behalf Of Williams, James K
>Good points, Art.  In particular, quicker issuance of CVE identifiers would be
>great.

I triple promise that we're going to have the speed of issuance discussion.   Promise.



>As far as monitoring of twitter and blogs goes, we also need to consider
>monitoring:
>* pastebin,
>* smaller vendor bugtracking systems (I find vulns every week, in widely
>used software, that never makes it to BugTraq, Secunia, or CVE),
>* discussion forums (in a variety of languages, and many require
>registration),
>* reddit,
>* IRC,
>* and whatever other communication/dissemination mediums become
>popular (again) next month.
>
>When expanding monitoring of these types of sources, extensive
>automation is necessary.

James, could you talk more about automation techniques for monitoring these sources?



-Dave
==================================================================
David Mann | Principal Infosec Scientist | The MITRE Corporation
------------------------------------------------------------------
e-mail:damann@mitre.org | cell:781.424.6003
==================================================================

Follow-Ups:
- RE: CVE Information Sources & Scope
  - From: "Williams, James K" <James.Williams@ca.com>

References:
- CVE Information Sources & Scope
  - From: "Mann, Dave" <damann@mitre.org>
- Re: CVE Information Sources & Scope
  - From: Art Manion <amanion@cert.org>
- RE: CVE Information Sources & Scope
  - From: "Williams, James K" <James.Williams@ca.com>
- RE: CVE Information Sources & Scope
  - From: "Williams, James K" <James.Williams@ca.com>

Prev by Date: Re: CVE's Charter, Scope and the Role of CNAs
Next by Date: Update Disclosure Sources List - Please Vote!
Prev by thread: RE: CVE Information Sources & Scope
Next by thread: RE: CVE Information Sources & Scope
Index(es):
- Date
- Thread

Page Last Updated: November 06, 2012

Common Vulnerabilities and Exposures

RE: CVE Information Sources & Scope