CVE Board Meeting
16 November 2016, 2:00 p.m. EST
The CVE Board met via teleconference on 16 November 2016.
Board members in attendance were:
Andy Balinsky (Cisco)
Harold Booth (NIST)
Scott Lawler (LP3)
Art Manion (CERT-CC)
Kurt Seifried (Red Hat/DWF)
Members of the MITRE CVE Team who attended the call are as follows:
2:00 – 2:05: Introductions, action items from the last meeting – Chris Coffin
2:05 – 2:10: CVE Strategic Planning Working Group Update – Kent Landfield
2:10 – 2:40: DWF Update – Kurt Seifried
2:40 – 3:00: Automation Working Group - Kurt Seifried and Harold Booth
3:00 – 3:30: CNA Summit review - Dan Adinolfi
3:30 – 3:55: Open discussion – CVE Board
3:55 – 4:00: Action items, wrap-up – Chris Coffin
The meeting began with a review of the action items from the previous Board meeting. The two action items were the creation of a mailing list for the Automation Working Group, which was created, and a list of action items from the CNA Summit, which is under development.
CVE Strategic Planning Working Group Update
The Strategic Planning Working Group met informally at the CNA Summit, but no new business was discussed. The next meeting is scheduled for the week of November 21.
The DWF is continuing to work through their requests and improve the processing of those requests. The team is working on methods for validating request data in a more automated fashion.
The idea of the creation of a mentor program within DWF was also discussed. This program would connect those new to CVE assignment with more experienced mentors associated with the DWF and CVE. The details of such a program are still under development, but there was interest in the idea.
Automation Working Group
The Automation Working Group update included a continuation of the discussion concerning the need for data validation for CVE submissions. Also, a mailing list (email@example.com) has been established for the Working Group, and the list will be populated by those interested in participating.
CNA Summit Review
The CNA Summit (8-9 November 2016 at the NCCoE facility in Gaithersburg, MD) was well attended, with approximately 25 attendees in person and 5 attendees online. Using presentations as starting points, there was a great deal of discussion among the CNAs regarding CVE theory and practice. A list of action items coming out of the meeting will be shared with the community. One of those action items is to hold another CNA Summit in 6-8 months to continue promoting collaboration across the CNA community.
The next Board Meeting will be held on November 30th.
CVE Board Meeting_11_16.docx
Description: CVE Board Meeting_11_16.docx