Sveriges mest populära poddar

Open Source Security

Episode 201 - We broke CVSSv3, now how do we fix it?

31 min•15 juni 2020

Josh and Kurt talk about CVSSv3 and how it's broken. We started with a blog post to explain why the NVD CVSS scores are so wrong, and we ended up researching CVSSv3 and found out it's far more broken than any of us expected in ways we didn't expect. NVD isn't broken, CVSSv3 is. How did we get here? Are there any options that work today? Where should we go next?

Show Notes

Fler avsnitt av Open Source Security

AIBOM, CBOM, and HBOM with Allan Friedman

29 juni•35 min

Packagist and Composer security with Jordi Boggiano

22 juni•35 min

Sustaining Open VSX with Mike and Thabang

15 juni•37 min

Hacking your CI/CD with François Proulx

8 juni•36 min

Open source verification with Sal Kimmich

1 juni•32 min

Vulnerability disclosure with Casey Ellis

25 maj•38 min

F-Droid the open app store with Hans

18 maj•37 min

Open source is critical infrastructure with Kat Cosgrove

11 maj•38 min

How to actually test a disaster plan with David Bernstein

Open Source Pledge with Vlad-Stefan Harbuz

27 apr.•35 min

Open Source Security med Josh Bressers finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.