CERTCC SSVC · Discussions

Sort by: Latest activity

Discussions

You must be logged in to vote

Sightings

j--- started Aug 16, 2023 in General

21
You must be logged in to vote

List of projects that expose SSVC as a feature of their project

chrisdlangton asked May 11, 2024 in Q&A · Closed · Unanswered

2
You must be logged in to vote

How to integrate SSVC into CVE ADP?

ahouseholder started Aug 1, 2023 in Ideas

6
You must be logged in to vote

SSVC v2024.3

ahouseholder started Mar 8, 2024 in General

0
You must be logged in to vote

Supply chain modeling is hard

j--- started Jun 30, 2023 in General

8
You must be logged in to vote

What are the versioned objects in SSVC?

ahouseholder started Aug 1, 2023 in Ideas · Closed

46
You must be logged in to vote

Is the distinction between "public exploit" and "private exploit" significant to anyone's decision process?
documentation Improvements or additions to documentation enhancement New feature or request clarification needed More information is necessary to decide on a course of action
ahouseholder started Oct 20, 2023 in Ideas · Closed

2
You must be logged in to vote

Defining a risk owner tree customization workflow
documentation Improvements or additions to documentation enhancement New feature or request
j--- started Mar 16, 2022 in Ideas · Closed

5
You must be logged in to vote

Abstracting outcome sets

ahouseholder started Oct 19, 2023 in Ideas

1
You must be logged in to vote

Defining tree versions

ahouseholder started Sep 6, 2023 in Ideas · Closed

24
You must be logged in to vote

Do we need a decision point to address "criticality"?
enhancement New feature or request
zmanion started Mar 29, 2022 in Ideas · Closed

15
You must be logged in to vote

Are Decision Points always ordered sets?

ahouseholder started Aug 8, 2023 in Ideas · Closed

6
You must be logged in to vote

How do we maintain the Authors list over multiple revisions?

ahouseholder started Jul 12, 2023 in General · Closed

4
You must be logged in to vote

SSVC data/scores into CVE JSON as an Authorized Data Provider
enhancement New feature or request
sei-vsarvepalli started Mar 10, 2021 in Ideas

11
You must be logged in to vote

SSVC v2.1

ahouseholder started Jul 17, 2023 in General · Closed

1
You must be logged in to vote

Reassess default suggested supplier tree

j--- started Jun 30, 2023 in Ideas · Closed

3
You must be logged in to vote

On the different "causal models" of SSVC and CVSS
documentation Improvements or additions to documentation enhancement New feature or request demo site Demo site and production site content
j--- started May 16, 2022 in Ideas

17
You must be logged in to vote

Reassess Supplier Defer Definition

j--- started Jun 30, 2023 in Ideas

2
You must be logged in to vote

Suppliers' Tree - Can the safety question be answered?

laurie-tyz started Jun 13, 2023 in Ideas · Closed

4
You must be logged in to vote

Provide better summary for what is the same and what is different across organizations
documentation Improvements or additions to documentation
j--- started May 23, 2022 in Ideas · Closed

7
You must be logged in to vote

Should deployer tree replace Utility with Automatable?

j--- started Mar 31, 2021 in Ideas · Closed

5
You must be logged in to vote

Consider splitting doc from tools into separate repositories
enhancement New feature or request
ahouseholder started Apr 12, 2023 in Ideas

5
You must be logged in to vote

Chainability of a vul
enhancement New feature or request
j--- started Feb 1, 2021 in Ideas

3
You must be logged in to vote

What mitigations may lead to the most efficient risk reduction.
enhancement New feature or request
laurie-tyz started Nov 24, 2020 in Ideas

3
You must be logged in to vote

Consider modifying technical impact to include aspects of (or rename to) Security Posture Change
enhancement New feature or request
ahouseholder started Sep 9, 2020 in Ideas

6

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Filter by label

Sorry, something went wrong.

Sorry, something went wrong.

No labels found. Sorry about that.

Categories

Discussions

Sightings

List of projects that expose SSVC as a feature of their project

How to integrate SSVC into CVE ADP?

SSVC v2024.3

Supply chain modeling is hard

What are the versioned objects in SSVC?

Is the distinction between "public exploit" and "private exploit" significant to anyone's decision process?

Defining a risk owner tree customization workflow

Abstracting outcome sets

Defining tree versions

Do we need a decision point to address "criticality"?

Are Decision Points always ordered sets?

How do we maintain the Authors list over multiple revisions?

SSVC data/scores into CVE JSON as an Authorized Data Provider

SSVC v2.1

Reassess default suggested supplier tree

On the different "causal models" of SSVC and CVSS

Reassess Supplier Defer Definition

Suppliers' Tree - Can the safety question be answered?

Provide better summary for what is the same and what is different across organizations

Should deployer tree replace Utility with Automatable?

Consider splitting doc from tools into separate repositories

Chainability of a vul

What mitigations may lead to the most efficient risk reduction.

Consider modifying technical impact to include aspects of (or rename to) Security Posture Change

CERTCC SSVC Discussions

Categories, most helpful, and community links

Categories

Community links

Discussions