in ,

OASIS, Tech Firms Seek to Advance Use of Standard Format for Cyber Vulnerability Disclosure

OASIS, Tech Firms Seek to Advance Use of Standard Format for Cyber Vulnerability Disclosure - top government contractors - best government contracting event
https://executivebiz-media.s3.amazonaws.com/2022/08/19/30/9f/c3/a0/b7/6f/d4/64/Executive-Biz.png

OASIS, Tech Firms Seek to Advance Use of Standard Format for Cyber Vulnerability Disclosure - top government contractors - best government contracting eventThe Organization for the Advancement of Structured Information Standards has partnered with technology firms and other organizations to advance the adoption of a standard format designed to automate reporting of cyber vulnerabilities.

The Common Security Advisory Framework developed by the OASIS’ technical committee works to facilitate interoperability and production of machine-readable vulnerability data and builds on the Industry Consortium for Advancement of Security on the Internet’s Common Vulnerability Reporting Framework format, OASIS said Tuesday.

“Our goal with CSAF is to make it easier for administrators to identify and address known vulnerabilities within their networks, regardless of the platforms they’re using,” said Omar Santos, principal engineer at Cisco’s product security incident response team and chair of the OASIS CSAF technical committee.

OASIS and Cisco also collaborated with the Department of Homeland Security, National Institute of Standards and Technology, Center for Internet Security and CERT/CC at Carnegie Mellon University’s Software Engineering Institute to help define the standard format.

Other companies that contributed to the CSAF definition include:

  • EclecticIQ
  • FireEye
  • Hitachi
  • IBM
  • Intel
  • LookingGlass Cyber Solutions
  • NC4
  • Oracle
  • Red Hat
  • SafeNet
  • TELUS
  • VeriSign
ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity News

mm

Written by Jane Edwards

is a staff writer at Executive Mosaic, where she writes for ExecutiveBiz about IT modernization, cybersecurity, space procurement and industry leaders’ perspectives on government technology trends.

CenturyLink Secures Multistate Cooperative Contract to Offer Cloud Services - top government contractors - best government contracting event
CenturyLink Secures Multistate Cooperative Contract to Offer Cloud Services
DoD Taps Smartronix for On-Site Managed IT Services; John Parris Comments - top government contractors - best government contracting event
DoD Taps Smartronix for On-Site Managed IT Services; John Parris Comments