][Date Next][Thread Prev
][Thread Next][Date Index
Re: FYI - Continuation of "Future of Global Vulnerability Reporting" discussion
Also note that attending this "open to the public session" does require
pre-registration due to the fact that we need to arrange with MITRE's
security to have the session attendees registered as "visitors".
The "pre-registration" basically entails an e-mail to
<firstname.lastname@example.org> with the title of the e-mail being
"Please Register Me for the Winter 2011 SwA Working Group Sessions" and
the body of the e-mail containing:
First and Last Name
Country of Citizenship
If you are interested in attending the Monday session that Steve
mentioned below or any of the other parts of the Software Assurance
Working Group please send the e-mail before the end of Friday of this
week and it should work out fine.
On 11/23/11 2:48 PM, Boyle, Stephen V. wrote:
> DHS will be hosting a follow-on discussion to their ITSAC "Future of Global Vulnerability Reporting" workshop at the upcoming Software Assurance Working Group (SWAWG) meeting on Monday, 28 November, to be held at MITRE's McLean, VA facility. (See: https://buildsecurityin.us-cert.gov/bsi/events/1292-BSI.html)
> As before, this is a US Government-led discussion which will obviously not include the whole vulnerability reporting community. MITRE will be in attendance and participating in the discussion, and we will publish our notes and thoughts to the CVE Editorial Board List as before. Given that the SWAWG is open to the public, we thought it would be worthwhile to let others on the Editorial Board know of this discussion and an opportunity to participate if you so wish.
> Per the DHS SWAWG agenda, the description of this workshop session is as follows:
> "Workshop on the Future of Global Vulnerability Identification and Reporting - 10:00 AM Start Time
> - Facilitators: Richard Struse, DHS; Thomas Millar, DHS
> This workshop is a continuation of the discussion on the "Future of Global Vulnerability Reporting" that was held at the IT Security Automation Conference in October. Building on the issues and use cases identified previously, this workshop will focus on the concept and development of use cases for early-response kinds of vulnerability identifiers. We expect to develop use cases for discussion by the group, and will employ scenarios to help in the discussion."
> We continue to encourage any and all Board members who participate in these kinds of discussion or who have any thoughts on the topics to share them with the list.
> Best Regards,
> The MITRE CVE Team