Half-Day Vulnerabilities: A study of the First Days of CVE Entries. (arXiv:2303.07990v1 [cs.CR])

admin March 15, 2023 1 min read

The National Vulnerability Disclosure Database is an invaluable source of
information for security professionals and researchers. However, in some cases,
a vulnerability report is initially published with incomplete information, a
situation that complicates incident response and mitigation. In this paper, we
perform an empirical study of vulnerabilities that are initially submitted with
an incomplete report, and present key findings related to their frequency,
nature, and the time needed to update them. We further present a novel
ticketing process that is tailored to addressing the problems related to such
vulnerabilities and demonstrate the use of this system with a real-life use
case.

Related Stories

The Board of Directors Will See You Now

Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals

MITRE Rolls Out Supply Chain Security Prototype

You may have missed

Pros and Cons to a “Hybrid Approach” to Microsoft 365 Commercial and GCC/GCC High

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites

Brazilian DPA Enacts Regulation on the Setting and Application of Administrative Penalties Under the Brazilian General Data Protection Law

CIPL Publishes Key Takeaways from Age Assurance and Age Verification Tools Roundtable