nCircle.com >> 360 Security

« As The Veneer of Security Starts to Fade... | Main | SCADAGard SIG To Be Established »

Vulnerability Scoring Systems

ZDNet today posted this article about the newly designed vulnerability scoring system that Qualys is announcing at RSA today. I found one line particularly interesting:

"[The system] is designed to provide the first systematic grading of flaws that can be used by companies to assess damage to their vulnerable systems and to prioritize patching.

Well, not quite the first. We've been doing that with nCircle's scoring system for over 5 years. With exactly the same criteria for evaluation. I imagine that they've made some changes - it'll be interesting to see what they've done and if they've run into some of the same flaws as our early versions. I'll post more on that once I've read the paper describing the metric.

I think that this is an excellent thing for the industry - there's no doubt that all of the products need to have a granular metric to assist their customers. Our customers see the benefits of the system on a daily basis - it's good that others in the industry are finally catching up to that view of the world.

It's one that we've had for 5 years now.

Posted on February 16, 2005 9:49 AM |

Search


About

This page contains a single entry from the blog posted on February 16, 2005 9:49 AM.

The previous post in this blog was As The Veneer of Security Starts to Fade....

The next post in this blog is SCADAGard SIG To Be Established.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]