[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- To: "Proctor, Paul" <paul.proctor@centraxcorp.com>
- Subject: Re: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- From: William Hill <bill@mitre.org>
- Date: Tue, 06 Jul 1999 23:58:13 -0400
- CC: "Steven M. Christey" <coley@linus.mitre.org>, cve-review@linus.mitre.org, SRG <srg@centraxcorp.com>
- Organization: The MITRE Corporation
- References: <91335FB48174D211B663006008C3E5881B17A2@mail>
I think those kinds of things are outside the scope of the CVE. Bill "Proctor, Paul" wrote: > <SNIP> > One of the disconnects between the host-based ID and the CVE is that > vulnerability exploitation is only one aspect of monitoring. We also > monitor for behavior deviations, trends, and patterns of misuse such as > abuse of privilege. I've been wondering if the CVE will attempt to address > these or just stick with known vulnerabilities. > > <SNIP>
begin:vcard n:Hill;William tel;work:703-883-6416 x-mozilla-html:TRUE org:The MITRE Corporation adr:;;1820 Dolley Madison Blvd;McLean;VA;22102; version:2.1 email;internet:bill@mitre.org title:INFOSEC Engineer fn:Bill Hill end:vcard
- References:
- RE: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- From: "Proctor, Paul" <paul.proctor@centraxcorp.com>
- RE: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- Prev by Date: RE: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- Next by Date: Vendor disclosure to ICSA IDC
- Prev by thread: Re: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- Next by thread: Re: Survey: Use of Same Attack/Same Codebase content decision in VDB's
- Index(es):
