A brief discussion on CVSS 4.0 and the evolution of vulnerability score assessment
On November 1, 2023, FIRST officially released CVSS 4.0. CVSS is not only one of the most important indicators in the information security industry, but also an important reference information for users when facing vulnerabilities.
This speech will introduce the concept of CVSS and the changes in CVSS 4.0. In the future, when viewers encounter CVSS scores, they will not just see them as numbers to better understand the meaning behind them. In addition, we will mention some details that are often overlooked in CVSS, such as: 50% of CVEs are CVSS 7 or above, only a few CVEs with high/severe severity are exploited, and the reasons why CVSS scores are generally high.
Finally, through simulation examples, the audience is guided to analyze a vulnerability, analyze various CVSS indicators, and use the CVSS calucator to calculate scores.
TOPIC / TRACK
Supply Chain Cybersecurity Forum
LOCATION
Taipei Nangang Exhibition Center, Hall 2
4F 4A
LEVEL
Intermediate Intermediate sessions focus on cybersecurity architecture, tools, and practical applications, ideal for professionals with a basic understanding of cybersecurity.
SESSION TYPE
Breakout Session
LANGUAGE
Chinese
SUBTOPIC
Vulnerability Assessment
Risk Assessment
Threat Intelligence
CYBERSEC 2024 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。