An Attack Graph-Based Probabilistic Security Metric
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
k-zero day safety: measuring the security risk of networks against unknown attacks
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Fuzzy classification metrics for scanner assessment and vulnerability reporting
IEEE Transactions on Information Forensics and Security
Evidential structures and metrics for network forensics
International Journal of Internet Technology and Secured Transactions
VRSS: A new system for rating and scoring vulnerabilities
Computer Communications
EVMAT: an OVAL and NVD based enterprise vulnerability modeling and assessment tool
Proceedings of the 49th Annual Southeast Regional Conference
An ACO based approach for detection of an optimal attack path in a dynamic environment
ICDCN'10 Proceedings of the 11th international conference on Distributed computing and networking
The use of application scanners in software product quality assessment
Proceedings of the 8th international workshop on Software quality
A multi-layer tree model for enterprise vulnerability management
Proceedings of the 2011 conference on Information technology education
Cybersecurity risk testing of substation phasor measurement units and phasor data concentrators
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Are markets for vulnerabilities effective?
MIS Quarterly
Improving VRSS-based vulnerability prioritization using analytic hierarchy process
Journal of Systems and Software
International Journal of Information Management: The Journal for Information Professionals
Towards quantitative risk management for next generation networks
Telecommunication Economics
A move in the security measurement stalemate: elo-style ratings to quantify vulnerability
Proceedings of the 2012 workshop on New security paradigms
Patch Release Behaviors of Software Vendors in Response to Vulnerabilities: An Empirical Analysis
Journal of Management Information Systems
A novel approach to evaluate software vulnerability prioritization
Journal of Systems and Software
Hi-index | 0.00 |
Vendors have historically used proprietary methods for scoring software vulnerabilities, usually without detailing their criteria or processes. The Common Vulnerability Scoring System (CVSS) is a public initiative designed to address this issue by presenting a framework for consistently and accurately assessing and quantifying software vulnerabilities' impact on organizations.