Page History
...
- Discovery – A researcher (not necessarily an academic one) discovers a vulnerability by using one of numerous tools and processes.
- Reporting – A researcher submits a vulnerability report to a software or product vendor, or a third-party coordinator if necessary.
- Validation and Triage – The analyst validates the report to ensure accuracy before action can be taken and prioritizes reports relative to others.
- Remediation – A remediation plan (ideally a software patch, but could also be other mechanisms) is developed and tested.
- Public Awareness – The vulnerability and its remediation plan is disclosed to the public.
- Deployment – The remediation is applied to deployed systems.
A mapping of CVD phases to CVD roles is provided in Table 2.
...
Overview
Content Tools