You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
SSVC may be in a position to be providing additional detail about these areas. I don't think we're overlapping, but if we are in fact providing additional detail to things listed in the PSIRT and CSIRT services frameworks, we should reach out to FIRST to coordinate and see if they agree and want to link to SSVC documentation for additional detail.
The text was updated successfully, but these errors were encountered:
Need to digest the services frameworks in more detail, but I could imagine one way to represent this could be to do a cross-walk table similar to what we did with Vultron and various vulnerability disclosure ISO docs:
Something like this, yes.
In this case, I think we also have the opportunity to chat with the FIRST framework authors and get their feedback after we draft it.
Service area 3 is about vulnerability triage for PSIRTs
https://www.first.org/standards/frameworks/psirts/psirt_services_framework_v1.1
Service area 7.2.2 is about CSIRT vulnerability triage
https://www.first.org/standards/frameworks/csirts/csirt_services_framework_v2.1#7-2-Service-Vulnerability-report-intake
SSVC may be in a position to be providing additional detail about these areas. I don't think we're overlapping, but if we are in fact providing additional detail to things listed in the PSIRT and CSIRT services frameworks, we should reach out to FIRST to coordinate and see if they agree and want to link to SSVC documentation for additional detail.
The text was updated successfully, but these errors were encountered: