...

  • Discovery – A researcher (not necessarily an academic one) discovers a vulnerability by using one of numerous tools and processes.
  • Reporting – A researcher submits a vulnerability report to a software or product vendor, or a third-party coordinator if necessary.
  • Validation and Triage – The analyst validates the report to ensure accuracy before action can be taken and prioritizes reports relative to others.
  • Remediation – A remediation plan (ideally a software patch, but could also be other mechanisms) is developed and tested.
  • Public Awareness – The vulnerability and its remediation plan are disclosed to the public.
  • Deployment – The remediation is applied to deployed systems.

A mapping of CVD phases to CVD roles is provided in Table 2. 

...