[EXT] EPSS Working Group Forming

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[EXT] EPSS Working Group Forming

Landfield, Kent

All,

 

I have been asked to forward the following invitation, so all are aware of a new effort. The Exploit Prediction Scoring System (EPSS) is an open, data-driven framework for assessing vulnerability threat, that is, the probability that a vulnerability will be exploited in the wild within the first twelve months after public disclosure.

 

The effort is getting organized to move the project forward. If you are interested, please contact [hidden email] to get invited to the kickoff meeting.

 

Sasha’s message is below:

 

=================================================

As you may know, a group of us have designed and built EPSS, a data-driven model for predicting the probability that a vulnerability will be exploited in the wild. There has been a great deal of interest in this work, and in an effort to move it forward, we will be standing up a working group to help evolve and improve it.

 

The first meeting will be held on Friday April 17th at 12pm eastern. If you’re interested in participating, please let me know and I’ll send a meeting invitation. In addition, if you can't attend the meeting, but would like to be added to our mailing list, let me know.

 

As a kickoff meeting, we’ll have the following agenda:

 

  1. Introductions
  2. Intro to EPSS – quick overview of the scoring system
  3. Future of EPSS – quick summary about why we built this and what we’re trying to accomplish
  4. Topics: We have a growing list of topics to cover, but for the first meeting, we’ll try to cover issues related to: better data and modeling; API and usage; and communication distribution and document repository
  5. Schedule and planning going forward – organization of future calls

 

cheers,

Sasha Romanosky, Ph.D. 

Policy Researcher

RAND Corporation 

703.413.1100 x5336

[hidden email]

 

=================================================

 

Stay safe and have a great weekend!

 

Thank you, Gracias, Grazie,  谢谢, Merci!, Спасибо!, Bedankt,Danke!ありがとうधन्यवाद!

-- 

Kent Landfield

+1.817.637.8026

[hidden email]

 

Reply | Threaded
Open this post in threaded view
|

Re: [EXT] EPSS Working Group Forming

Landfield, Kent

One item I did not mention but should have,….  This is not a CVE Working Group.

 

Thank you, Gracias, Grazie,  谢谢, Merci!, Спасибо!, Bedankt,Danke!ありがとうधन्यवाद!

-- 

Kent Landfield

+1.817.637.8026

[hidden email]

 

 

From: Kent Landfield <[hidden email]>
Date: Friday, April 3, 2020 at 3:19 PM
To: CVE Editorial Board Discussion <[hidden email]>
Subject: [EXT] EPSS Working Group Forming

 

CAUTION: External email. Do not click links or open attachments unless you recognize the sender and know the content is safe.

 


All,

 

I have been asked to forward the following invitation, so all are aware of a new effort. The Exploit Prediction Scoring System (EPSS) is an open, data-driven framework for assessing vulnerability threat, that is, the probability that a vulnerability will be exploited in the wild within the first twelve months after public disclosure.

 

The effort is getting organized to move the project forward. If you are interested, please contact [hidden email] to get invited to the kickoff meeting.

 

Sasha’s message is below:

 

=================================================

As you may know, a group of us have designed and built EPSS, a data-driven model for predicting the probability that a vulnerability will be exploited in the wild. There has been a great deal of interest in this work, and in an effort to move it forward, we will be standing up a working group to help evolve and improve it.

 

The first meeting will be held on Friday April 17th at 12pm eastern. If you’re interested in participating, please let me know and I’ll send a meeting invitation. In addition, if you can't attend the meeting, but would like to be added to our mailing list, let me know.

 

As a kickoff meeting, we’ll have the following agenda:

 

  1. Introductions
  2. Intro to EPSS – quick overview of the scoring system
  3. Future of EPSS – quick summary about why we built this and what we’re trying to accomplish
  4. Topics: We have a growing list of topics to cover, but for the first meeting, we’ll try to cover issues related to: better data and modeling; API and usage; and communication distribution and document repository
  5. Schedule and planning going forward – organization of future calls

 

cheers,

Sasha Romanosky, Ph.D. 

Policy Researcher

RAND Corporation 

703.413.1100 x5336

[hidden email]

 

=================================================

 

Stay safe and have a great weekend!

 

Thank you, Gracias, Grazie,  谢谢, Merci!, Спасибо!, Bedankt,Danke!ありがとうधन्यवाद!

-- 

Kent Landfield

+1.817.637.8026

[hidden email]