summit d summit days ays
play

Summit D Summit Days ays The V he Value of alue of Global V - PowerPoint PPT Presentation

Nov 22, 2023 •201 likes •411 views

Futur Future e of of Global V Global Vulner ulnerability bility Repor eporting ting Summit Summit Summit D Summit Days ays The V he Value of alue of Global V Global Vulner ulnerability R bility Repor eporting ting Masato Masa

  1. Futur Future e of of Global V Global Vulner ulnerability bility Repor eporting ting Summit Summit Summit D Summit Days ays The V he Value of alue of Global V Global Vulner ulnerability R bility Repor eporting ting Masato Masa to Ter erada ada IT Security IT Security Center Center, , IP IPA November 13, 2012 No ember 13, 2012 FIRST TC @ KYOTO Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  2. con conten tents. ts.  Vulnerability Vulnerability Ident Identifier ifier  vulnerability vulnerability identifica identification. tion.  # of vulnerabilities. # of vulnerabilities. FIRST TC @ KYOTO 2 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  3. vulner vulnerability bility identifier identifier.  How many vulnerability identifiers are there in our cyberspace ? FIRST TC @ KYOTO 3 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  4. vulner vulnerability bility identifier identifier.  How many vulnerability identifiers are there in our cyberspace ?  Database Database  Regional/national vulnerability databases NVD, JVN, CNVD etc.  Non-government vulnerability databases Secunia, SecurityFocus, OSVDB, Cisco Security Intelligence Operations, IBM ISS X-Force etc.  Vendor Advisories Vendor Advisories  Microsoft, Oracle, Cisco, Adobe etc. FIRST TC @ KYOTO 4 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  5. vulner vulnerability bility identifier identifier. http://nvd.nist.gov/  NVD NVD (Nationa (National l Vulnerability Vulnerability Database) Database)  ID(4 + 4 digits): CVE-2012-1234  Lang: English  CVE mapping: one-to-one  URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1234 FIRST TC @ KYOTO 5 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  6. vulner vulnerability bility identifier identifier. http://jvn.jp/  JVN(Japan JVN(Japan Vulnerability Vulnerability Database) Database)  ID(8 digits): JVN#12345678  Lang: Japanese/English  CVE mapping: one-to-one  URL: http://jvn.jp/jp/JVN12345678 FIRST TC @ KYOTO 6 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  7. vulner vulnerability bility identifier identifier. http://jvndb.jvn.jp/  JVN JVN iPedia iPedia  ID(4 + 6 digits): JVNDB-2012-123456  Lang: Japanese/English  CVE mapping: one-to-one  URL: http://jvndb.jvn.jp/jvndb/JVNDB-2012-123456 FIRST TC @ KYOTO 7 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  8. vulner vulnerability bility identifier identifier. http://www.cnvd.org.cn/  CNVD(China CNVD(China National Vulnerability National Vulnerability Database) Database)  ID(4 + 5 digits): CNVD-2012-12345  Lang: Chinese  CVE mapping: one-to-one  URL: http://www.cnvd.org.cn/sites/main/preview/ldgg_preview.htm?tid=61059 FIRST TC @ KYOTO 8 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  9. vulner vulnerability bility identifier identifier. http://secunia.com/  Secunia Secunia  ID(5 digits): SA12345  Lang: English  CVE mapping: one-to-many  URL: http://secunia.com/advisories/12345 FIRST TC @ KYOTO 9 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  10. vulner vulnerability bility identifier identifier. http://www.securityfocus.com/  Secur SecurityFocus ityFocus  ID(variable digits): 12345 (aka. bid12345)  Lang: English ^^^^^^ current longest id is 5 digits  CVE mapping: one-to-many  URL: http://www.securityfocus.com/bid/12345 FIRST TC @ KYOTO 10 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  11. vulner vulnerability bility identifier identifier. http://osvdb.org/  OSVDB OSVDB (The (The Open Open Source Source Vulnerability Vulnerability Database) Database)  ID(variable digits): 12345  Lang: English ^^^^^ current longest id is 5 digits  CVE mapping: one-to-many  URL: http://osvdb.org/show/osvdb/12345 FIRST TC @ KYOTO 11 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  12. vulner vulnerability bility identifier identifier. http://tools.cisco.com/security/center/  Cisco Cisco Secur Security ity Inte Intelligence Operations lligence Operations  ID(5 digits): 12345  Lang: English  CVE mapping: one-to-many  URL: http://tools.cisco.com/security/center/viewAlert.x?alertId=12345 FIRST TC @ KYOTO 12 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  13. vulner vulnerability bility identifier identifier. http://xforce.iss.net/  IBM IBM ISS ISS X-Force Force  ID(short subject + variable digits): speak-freely-udp-bo (12345) <<<<< current longest id is 5 digits  Lang: English  CVE mapping: one-to-many  URL: http://xforce.iss.net/xforce/xfdb/12345 FIRST TC @ KYOTO 13 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  14. vulner vulnerability bility identifica identification tion.  How do we make a relationship of vulnerability information ? FIRST TC @ KYOTO 14 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  15. vulner vulnerability bility identifica identification tion.  How do we make a relationship of vulnerability information ?  Currently, we can use Common Vulnerabilities and Exposures (CVE), which is the most well known vulnerability identification scheme. CVE is best and unique reference ID in world wide. FIRST TC @ KYOTO 15 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  16. # of vulne # of vulnerabilities. bilities.  How many # of vulnerabilities ? FIRST TC @ KYOTO 16 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  17. # of vulne # of vulnerabilities. bilities. http://nvd.nist.gov/  NVD NVD (Nationa (National l Vulnerability Vulnerability Database) Database) 8,000 NVD 7,000 CERT/CC 6,000 Number of vulnerabilities Total; 53,262 5,000 4,000 3,000 2,000 1,000 0 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 FIRST TC @ KYOTO 17 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  18. # of # of vulne vulnerabilities. bilities. http://www.cnvd.org.cn/  CNVD(China CNVD(China National Vulnerability National Vulnerability Database) Database) 7,000 Total; 39,796 CNVD 6,000 Number of vulnerabilities 5,000 4,000 3,000 2,000 1,000 0 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 FIRST TC @ KYOTO 18 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  19. # of # of vulne vulnerabilities. bilities. http://secunia.com/  Secunia Secunia Average 2006-10; 8,663 Total 2011; 9,132 FIRST TC @ KYOTO 19 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

  20. end ending. ing. Global Vulner Global V ulnerability bility Repor eporting will pr ting will provide bes vide best t solution of solution of this qu this question estions. s. FIRST TC @ KYOTO 20 Kyoto 2012 FIRST Technical Colloquium 13-15 November 2012

Recommend

Summit Therapeutics plc (Summit or the Company) SUMMIT TO PRESENT PHASE 2 CoDIFy

Summit Therapeutics plc (Summit or the Company) SUMMIT TO PRESENT PHASE 2 CoDIFy

Summit Therapeutics plc (Summit or the Company) SUMMIT TO PRESENT PHASE 2 CoDIFy TRIAL DATA HIGHLIGHTING RIDINILAZOLES PRESERVATION OF THE MICROBIOME IN CDI PATIENTS AT ASM MICROBE 2016 Oxford, UK, 23 May 2016 Summit

269 views • 3 slides
Welco elcome! me! Le Learnin arning g Se Session ssion/Summit /Summit Day Two May 26 th ,

Welco elcome! me! Le Learnin arning g Se Session ssion/Summit /Summit Day Two May 26 th ,

Welco elcome! me! Le Learnin arning g Se Session ssion/Summit /Summit Day Two May 26 th , 2017 Rec ecap of Da ap of Day On y One &amp; e &amp; Outline of the Days Activities Jennifer Allison 2 Outcome Outcome Data Data Su

716 views • 48 slides
For the 4 th year in a row through organizes Energy Strategy Summit, a top-level summit for the

For the 4 th year in a row through organizes Energy Strategy Summit, a top-level summit for the

For the 4 th year in a row through organizes Energy Strategy Summit, a top-level summit for the Romanian and regional energy industry. This year, for two days, on June 6-7, the most infmuential decision makers in the Romanian energy industry

280 views • 14 slides
Summit Farms Overview Agrisol Energy July 16 th , 2010 Summit Farms Overview Summit Farms

Summit Farms Overview Agrisol Energy July 16 th , 2010 Summit Farms Overview Summit Farms

Summit Farms Overview Agrisol Energy July 16 th , 2010 Summit Farms Overview Summit Farms is made up of three main business units: Row Crop Production: 17,900 acres Corn Maize Soybeans Swine Contract Finishing: over 150,000

221 views • 18 slides
CasinoBeats Summit 18-20 September 2018 @ Olympia, London CASINOBEATS SUMMIT 2018 Over 250

CasinoBeats Summit 18-20 September 2018 @ Olympia, London CASINOBEATS SUMMIT 2018 Over 250

CasinoBeats Summit 18-20 September 2018 @ Olympia, London CASINOBEATS SUMMIT 2018 Over 250 delegates from across the world will make their way to the Casino Beats Summit as part of the international betting and gaming conference week, held 18-21

406 views • 12 slides
Xen Strategic Summit Xen Strategic Summit Plenary Plenary Nick Gault, CEO Nick Gault, CEO

Xen Strategic Summit Xen Strategic Summit Plenary Plenary Nick Gault, CEO Nick Gault, CEO

Xen Strategic Summit Xen Strategic Summit Plenary Plenary Nick Gault, CEO Nick Gault, CEO April 7, 2005 Why the Why the Xen Summit? en Summit? You asked for it To make Xen commercially ready and ubiquitous This is your opportunity to

364 views • 9 slides
Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30

Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30

Transmission Summit 2014 Summit agenda Washington, DCMarch 13-14, 2014 March 13, 2014: 7:30 8:30 Registration and Breakfast 8:30 8:45 Welcome and Introduction by Summit Chairman Celia Y. David , Director , Energy, NAVIGANT 8:45

157 views • 4 slides
ADDITIVE MA E MANUF UFACT CTURING COMMUN COMMUNITY Strategy Days Summit November 6-7, 2019 |

ADDITIVE MA E MANUF UFACT CTURING COMMUN COMMUNITY Strategy Days Summit November 6-7, 2019 |

ADDITIVE MA E MANUF UFACT CTURING COMMUN COMMUNITY Strategy Days Summit November 6-7, 2019 | Marriott Marquis Chicago AM market has grown so rapidly in the past 10 years Messaging is very splintered and inconsistent Focus

307 views • 4 slides
2017 ITPC Planning Summit Welcome to the 2017 ITPC Planning Summit Goals for Opening Todays

2017 ITPC Planning Summit Welcome to the 2017 ITPC Planning Summit Goals for Opening Todays

2017 ITPC Planning Summit Welcome to the 2017 ITPC Planning Summit Goals for Opening Todays Summit Remarks To promote Michael Hites collaborative planning Sr. Associate Vice President &amp; relative to Chief Information Officer

646 views • 46 slides
5G Su 5G Summit it Ov Overvie view Debabani Choudhury Intel Labs IEEE 5G Summit, Honolulu,

5G Su 5G Summit it Ov Overvie view Debabani Choudhury Intel Labs IEEE 5G Summit, Honolulu,

Welc lcom ome e an and d 5G Su 5G Summit it Ov Overvie view Debabani Choudhury Intel Labs IEEE 5G Summit, Honolulu, HI June 5-6, 2017 5G-&lt;Choudhury&gt; IMS MS2017 7 5G Su Summit it A Successful Collaboration Between two

714 views • 6 slides
Inclusion, Innovation and Technology Summit Creating a Culture of Innovation July 17, 2018 Live

Inclusion, Innovation and Technology Summit Creating a Culture of Innovation July 17, 2018 Live

Inclusion, Innovation and Technology Summit Creating a Culture of Innovation July 17, 2018 Live from Loveland, CO David Tucker Enterprise Architect and I2T vice-chair I2T Summit 1 I2T Summit 1 I2T Summit agenda Welcome

573 views • 26 slides
Summit 2.0 The UMass Shared Analytics Program Data Driven Decisions Agenda Summit Overview

Summit 2.0 The UMass Shared Analytics Program Data Driven Decisions Agenda Summit Overview

Summit 2.0 The UMass Shared Analytics Program Data Driven Decisions Agenda Summit Overview Enterprise Data and Analytics team Analytics Defined What is Summit 2.0 Data: Summit Enterprise Data Warehouse Tools: Summit

525 views • 30 slides
HUD IT IT Summit Washington, D.C. June 4, 2018 1 IT IT SUMMIT Agenda: Welcome Remarks (DJ

HUD IT IT Summit Washington, D.C. June 4, 2018 1 IT IT SUMMIT Agenda: Welcome Remarks (DJ

HUD IT IT Summit Washington, D.C. June 4, 2018 1 IT IT SUMMIT Agenda: Welcome Remarks (DJ LaVoy) ISDV Overview (George Forbes) Protocol (Brendan Dowd) Decision Trees (Kim Scoles) Break VEDGA Overview (Eric Krapf) June 4, 2018 What to

765 views • 61 slides
Stopping Violence, Stimulating Success Summit February 2014 Summit In response to the

Stopping Violence, Stimulating Success Summit February 2014 Summit In response to the

Stopping Violence, Stimulating Success Summit February 2014 Summit In response to the uptick in violence that Pomona experienced last year, various community partners came together to discuss priorities to address public safety issue.

235 views • 19 slides
HUBZone Small Business Summit Welcome &amp; Opening Comments Summit April 26, 2017 -

HUBZone Small Business Summit Welcome &amp; Opening Comments Summit April 26, 2017 -

HUBZone Contractors National Council HUBZone Small Business Summit April 26, 2017 HUBZone Small Business Summit Welcome &amp; Opening Comments Summit April 26, 2017 - Philadelphia John Armstead Acting Deputy Regional Administrator

100 views • 7 slides
A&amp;F Executive Dashboard Presented: Summit Summit: December 7, 2018 A&amp;F Vice Chancellors:

A&amp;F Executive Dashboard Presented: Summit Summit: December 7, 2018 A&amp;F Vice Chancellors:

A&amp;F Executive Dashboard Presented: Summit Summit: December 7, 2018 A&amp;F Vice Chancellors: December 8, 2017 A&amp;F Roadmap: Underlying Principles 2 Independent and objective Standard processes designed assurance that analyzes to

249 views • 14 slides
PARTNER SUMMIT 2013 PARTNER SUMMIT 2013 Thomson Reuters Presenters Therese M. Witherow

PARTNER SUMMIT 2013 PARTNER SUMMIT 2013 Thomson Reuters Presenters Therese M. Witherow

Welcome to PARTNER SUMMIT 2013 PARTNER SUMMIT 2013 Thomson Reuters Presenters Therese M. Witherow Andrew W. McCracken, CPA Technical Consultant Senior Technical Trainer PARTNER SUMMIT 2013 Practitioner / Entrepreneur Presenter Paul

1.38k views • 104 slides
CHILD INJURY SUMMIT II Mohan Rao Tuesday, May 13, 2014 Child Injury Summit II 13 May 2014

CHILD INJURY SUMMIT II Mohan Rao Tuesday, May 13, 2014 Child Injury Summit II 13 May 2014

Visible changes for a healthy future CHILD INJURY SUMMIT II Mohan Rao Tuesday, May 13, 2014 Child Injury Summit II 13 May 2014 Presentation outline Brief overview of 2007 - 2009 findings Scope for 2010 - 2012 dataset analysis

553 views • 29 slides
Winter Summit 2019 Shehaqua Family Camp Summit Purpose Need your help to keep camp going strong!

Winter Summit 2019 Shehaqua Family Camp Summit Purpose Need your help to keep camp going strong!

Winter Summit 2019 Shehaqua Family Camp Summit Purpose Need your help to keep camp going strong! Talk about how to adjust and evolve with changing demographics of members Decide how to handle Spring Gathering and Harvest Festival

645 views • 26 slides
Parent Advocacy Summit Legally Authorized to JAM! Parent Advocacy Summit Saturday, February 22,

Parent Advocacy Summit Legally Authorized to JAM! Parent Advocacy Summit Saturday, February 22,

Parent Advocacy Summit Legally Authorized to JAM! Parent Advocacy Summit Saturday, February 22, 2020 9:00am-9:55am Fresno Convention Center, EXPO II To inform, educate, and empower parents to be strong Advocates for Music Education Parent

393 views • 21 slides
Transmission Summit 2013 Investing in the Future Grid Washington, DCFebruary 26-27, 2013

Transmission Summit 2013 Investing in the Future Grid Washington, DCFebruary 26-27, 2013

Transmission Summit 2013 Investing in the Future Grid Washington, DCFebruary 26-27, 2013 Summit Agenda 7:45 8:45 Registration and Continental Breakfast Sponsored by 8:45 9:00 Welcome and Opening Remarks by the Summit Chair Laurie J.

47 views • 4 slides
Po we r-Up Summit T he Blue print fo r E a rly Childho o d Co nfe re nc e L a wre nc e , K

Po we r-Up Summit T he Blue print fo r E a rly Childho o d Co nfe re nc e L a wre nc e , K

Judith Ca rta , Da le Wa lke r, &amp; Cha rle s Gre e nwo o d Co -Dire c to rs . Bridg ing the Wo rd Ga p Na tio na l Re se a rc h Ne two rk Junipe r Ga rde ns Childre n s Pro je c t Unive rsity o f K a nsa s Po we r-Up Summit T he

1.09k views • 51 slides
Two Exclusive Offers for Exec Group Members : Convio Summit 2008 &amp; Pre-Summit Executive

Two Exclusive Offers for Exec Group Members : Convio Summit 2008 &amp; Pre-Summit Executive

Two Exclusive Offers for Exec Group Members : Convio Summit 2008 &amp; Pre-Summit Executive Meeting November 17 19: Renaissance Austin Hotel, Austin Texas Receive a 50% discount on your conference registration Register online at

407 views • 25 slides
Amniotic Membrane Tissue Allografts: Arthrofibrosis &amp; TKR Orthopaedic Summit 201 7, Evolving

Amniotic Membrane Tissue Allografts: Arthrofibrosis &amp; TKR Orthopaedic Summit 201 7, Evolving

Amniotic Membrane Tissue Allografts: Arthrofibrosis &amp; TKR Orthopaedic Summit 201 7, Evolving Techniques Michael J. K aplan MD Disclaimer: Consultant for MiMedx Normal Wound Healing Physiology Inflammation &gt; H ours to Days

535 views • 24 slides

More recommend