summit d summit days ays
play

Summit D Summit Days ays The V he Value of alue of Global V - PowerPoint PPT Presentation

Futur Future e of of Global V Global Vulner ulnerability bility Repor eporting ting Summit Summit Summit D Summit Days ays The V he Value of alue of Global V Global Vulner ulnerability R bility Repor eporting ting Masato Masa


  1. Futur Future e of of Global V Global Vulner ulnerability bility Repor eporting ting Summit Summit Summit D Summit Days ays The V he Value of alue of Global V Global Vulner ulnerability R bility Repor eporting ting Masato Masa to Ter erada ada IT Security IT Security Center Center, , IP IPA November 13, 2012 No ember 13, 2012 FIRST TC @ KYOTO Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  2. con conten tents. ts.  Vulnerability Vulnerability Ident Identifier ifier  vulnerability vulnerability identifica identification. tion.  # of vulnerabilities. # of vulnerabilities. FIRST TC @ KYOTO 2 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  3. vulner vulnerability bility identifier identifier.  How many vulnerability identifiers are there in our cyberspace ? FIRST TC @ KYOTO 3 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  4. vulner vulnerability bility identifier identifier.  How many vulnerability identifiers are there in our cyberspace ?  Database Database  Regional/national vulnerability databases NVD, JVN, CNVD etc.  Non-government vulnerability databases Secunia, SecurityFocus, OSVDB, Cisco Security Intelligence Operations, IBM ISS X-Force etc.  Vendor Advisories Vendor Advisories  Microsoft, Oracle, Cisco, Adobe etc. FIRST TC @ KYOTO 4 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  5. vulner vulnerability bility identifier identifier. http://nvd.nist.gov/  NVD NVD (Nationa (National l Vulnerability Vulnerability Database) Database)  ID(4 + 4 digits): CVE-2012-1234  Lang: English  CVE mapping: one-to-one  URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1234 FIRST TC @ KYOTO 5 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  6. vulner vulnerability bility identifier identifier. http://jvn.jp/  JVN(Japan JVN(Japan Vulnerability Vulnerability Database) Database)  ID(8 digits): JVN#12345678  Lang: Japanese/English  CVE mapping: one-to-one  URL: http://jvn.jp/jp/JVN12345678 FIRST TC @ KYOTO 6 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  7. vulner vulnerability bility identifier identifier. http://jvndb.jvn.jp/  JVN JVN iPedia iPedia  ID(4 + 6 digits): JVNDB-2012-123456  Lang: Japanese/English  CVE mapping: one-to-one  URL: http://jvndb.jvn.jp/jvndb/JVNDB-2012-123456 FIRST TC @ KYOTO 7 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  8. vulner vulnerability bility identifier identifier. http://www.cnvd.org.cn/  CNVD(China CNVD(China National Vulnerability National Vulnerability Database) Database)  ID(4 + 5 digits): CNVD-2012-12345  Lang: Chinese  CVE mapping: one-to-one  URL: http://www.cnvd.org.cn/sites/main/preview/ldgg_preview.htm?tid=61059 FIRST TC @ KYOTO 8 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  9. vulner vulnerability bility identifier identifier. http://secunia.com/  Secunia Secunia  ID(5 digits): SA12345  Lang: English  CVE mapping: one-to-many  URL: http://secunia.com/advisories/12345 FIRST TC @ KYOTO 9 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  10. vulner vulnerability bility identifier identifier. http://www.securityfocus.com/  Secur SecurityFocus ityFocus  ID(variable digits): 12345 (aka. bid12345)  Lang: English ^^^^^^ current longest id is 5 digits  CVE mapping: one-to-many  URL: http://www.securityfocus.com/bid/12345 FIRST TC @ KYOTO 10 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  11. vulner vulnerability bility identifier identifier. http://osvdb.org/  OSVDB OSVDB (The (The Open Open Source Source Vulnerability Vulnerability Database) Database)  ID(variable digits): 12345  Lang: English ^^^^^ current longest id is 5 digits  CVE mapping: one-to-many  URL: http://osvdb.org/show/osvdb/12345 FIRST TC @ KYOTO 11 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  12. vulner vulnerability bility identifier identifier. http://tools.cisco.com/security/center/  Cisco Cisco Secur Security ity Inte Intelligence Operations lligence Operations  ID(5 digits): 12345  Lang: English  CVE mapping: one-to-many  URL: http://tools.cisco.com/security/center/viewAlert.x?alertId=12345 FIRST TC @ KYOTO 12 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  13. vulner vulnerability bility identifier identifier. http://xforce.iss.net/  IBM IBM ISS ISS X-Force Force  ID(short subject + variable digits): speak-freely-udp-bo (12345) <<<<< current longest id is 5 digits  Lang: English  CVE mapping: one-to-many  URL: http://xforce.iss.net/xforce/xfdb/12345 FIRST TC @ KYOTO 13 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  14. vulner vulnerability bility identifica identification tion.  How do we make a relationship of vulnerability information ? FIRST TC @ KYOTO 14 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  15. vulner vulnerability bility identifica identification tion.  How do we make a relationship of vulnerability information ?  Currently, we can use Common Vulnerabilities and Exposures (CVE), which is the most well known vulnerability identification scheme. CVE is best and unique reference ID in world wide. FIRST TC @ KYOTO 15 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  16. # of vulne # of vulnerabilities. bilities.  How many # of vulnerabilities ? FIRST TC @ KYOTO 16 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  17. # of vulne # of vulnerabilities. bilities. http://nvd.nist.gov/  NVD NVD (Nationa (National l Vulnerability Vulnerability Database) Database) 8,000 NVD 7,000 CERT/CC 6,000 Number of vulnerabilities Total; 53,262 5,000 4,000 3,000 2,000 1,000 0 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 FIRST TC @ KYOTO 17 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  18. # of # of vulne vulnerabilities. bilities. http://www.cnvd.org.cn/  CNVD(China CNVD(China National Vulnerability National Vulnerability Database) Database) 7,000 Total; 39,796 CNVD 6,000 Number of vulnerabilities 5,000 4,000 3,000 2,000 1,000 0 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 FIRST TC @ KYOTO 18 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  19. # of # of vulne vulnerabilities. bilities. http://secunia.com/  Secunia Secunia Average 2006-10; 8,663 Total 2011; 9,132 FIRST TC @ KYOTO 19 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  20. end ending. ing. Global Vulner Global V ulnerability bility Repor eporting will pr ting will provide bes vide best t solution of solution of this qu this question estions. s. FIRST TC @ KYOTO 20 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

Recommend


More recommend