csaf

September 21, 2017

SECURITY

CSAF Common Vulnerability Reporting Framework (CVRF) Version 1.2 is Now Available

1 min read

I am pleased to announce that the OASIS CSAF Common Vulnerability Reporting Framework (CVRF) Version 1.2 committee specification is now available. As covered in our previous blog posts, the purpose of the OASIS Common Security Advisory Framework (CSAF) Technical Committee (TC) is to standardize the practices for structured machine-readable security vulnerability-related advisories. The CSAF TC is focusing […]

June 20, 2017

SECURITY

CVRF Version 1.2 Now Available for Public Comment

1 min read

A few months ago, I wrote about the new OASIS Common Security Advisory Framework (CSAF) Technical Committee (TC). The purpose of the CSAF Technical Committee is to standardize the practices for structured machine-readable security vulnerability-related advisories. And then we will further refine those standards over time. The Common Vulnerability Reporting Framework (CVRF) Version 1.2, the […]

October 18, 2016

SECURITY

Evolving Security Disclosures : The New OASIS Common Security Advisory Framework (CSAF) Technical Committee

2 min read

During the last few years we have witnessed how the cyber security threat landscape has evolved. The emergence of the Internet of Things combined with recent events have profoundly changed how we protect our systems and people, and drive us to think about new approaches for vendors to disclose security vulnerabilities to customers and consumers. […]