CVE Board Agenda - Wednesday, October 3, 2018

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

CVE Board Agenda - Wednesday, October 3, 2018

Common Vulnerabilities & Exposures

Agenda

2:00 – 2:15: Introductions, action items from the last meeting – Chris Coffin

  • Previous Action Item: Art Manion to report back to the Board about the CVSS SIG Meeting
    • Status: To be discussed
  • Previous Action Item: Scott Moore to notify MITRE on how to handle IBM researcher CNA status
    • Status: Complete
  • Previous Action Item: MITRE to add Andy Balinsky to the Cloud Security Alliance working group to discuss CVE for services
    • Status: In process
  • Previous Action Item: Andy Balinsky - Post message/document to the list as a foundational piece regarding Cloud Security Alliance.
    • Status: TBD
  • Previous Action Item: MITRE to add CSA to the regular Board meeting agenda
    • Status: Complete
  • Previous Action Item: Kurt Seifried to provide the names of those participating in the CVE User Registry project and set up a requirements kickoff meeting.
    • Status: Not Done
  • Previous Action Item: MITRE (Chris C/Jonathan) to send out an email to the Board list to initiate the CNA Rules revision process.
    • Status: In process
  • Previous Action Item: Send out note to Board on CVE Quality WG (MITRE)
    • Status: Not Done

2:15 – 2:30: Working Groups

  • Strategic Planning – Kent Landfield / Chris Coffin
  • Automation – Chris Johnson / Dave Waltermire
  • Cloud Security Alliance – Kurt Seifried/Chris Coffin

2:30 – 2:45: CNA Update

·         DWF – Kurt Seifried 

·         MITRE – Jonathan Evans

·         JPCERT – Taki Uchiyama

 

2:45 – 3:00: Board Homework: How to advertise CVE Metrics to the CommunityBoard Discussion

3:00 – 3:30: Scoping as it relates to the CVE User Registry – Kurt Seifried

3:30 – 3:50: CVE assignments for end of life and unsupported productsChris Coffin

3:50 – 4:00: Action items, wrap-up – Chris Coffin