lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 27 Dec 2020 11:29:25 +0100
From: Zinaida Benenson <zinaida.benenson@....de>
To: fulldisclosure@...lists.org
Subject: [FD] survey on reliability of CVSS

The University of Erlangen-Nuremberg (Germany) is conducting a research 
study to test the reliability of CVSS (Common Vulnerability Scoring 
System). If you are currently assessing vulnerabilities using CVSS, we 
would greatly appreciate your participation which contributes to the 
improvement of vulnerability management. This survey takes approx. 45 
minutes:

https://user-surveys.cs.fau.de/index.php?r=survey/index&sid=248857

There has been a lot of critique on CVSS, and we are conducting a 
rigorous experimental investigation of some of the critique points.

The survey will be running till the end of January. Would be great if 
you completed it as soon as possible for you. We spent several months 
developing the survey, and need approx. 300 responses for conducting 
robust statistical analysis.

If you are not scoring vulnerabilities using CVSS, but know people who 
are, we would be very grateful if you helped us and distributed this 
survey to them.

Thank you,

Zinaida


-- 
Dr. Zinaida Benenson

Human Factors in Security and Privacy Group
Chair for IT Security Infrastructures
University of Erlangen-Nuremberg
http://www1.informatik.uni-erlangen.de/staff/zina

Martensstr. 3 (floor 12, room 12.153)
91058 Erlangen

(+49) 91 31 85 699 08
zinaida.benenson@....de

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists