|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
| ASCII Text | x | ||
| Rick Kuhn, Chris Johnson, "Vulnerability Trends: Measuring Progress," IT Professional, vol. 12, no. 4, pp. 51-53, July/August, 2010. | |||
| BibTex | x | ||
| @article{ 10.1109/MITP.2010.116, author = {Rick Kuhn and Chris Johnson}, title = {Vulnerability Trends: Measuring Progress}, journal ={IT Professional}, volume = {12}, number = {4}, issn = {1520-9202}, year = {2010}, pages = {51-53}, doi = {http://doi.ieeecomputersociety.org/10.1109/MITP.2010.116}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - MGZN JO - IT Professional TI - Vulnerability Trends: Measuring Progress IS - 4 SN - 1520-9202 SP51 EP53 EPD - 51-53 A1 - Rick Kuhn, A1 - Chris Johnson, PY - 2010 KW - Information technology KW - security & privacy KW - software vulnerabilities VL - 12 JA - IT Professional ER - | |||
What is the state of security engineering today? Are we, as an industry, making progress? What are the prospects for the future? An analysis of data from the National Vulnerability Database-which provides fine-grained search capabilities of all publicly reported software vulnerabilities since 1997-helps answer these questions.
1. R. Kuhn, H. Rossman, and S. Liu, "Introducing 'Insecure IT,'" IT Professional, Jan./Feb. 2009, pp. 24–26.
2. P. Mell, K. Scarfone, and S. Romansky, "A Complete Guide to the Common Vulnerability Scoring System Version 2.0," Forum of Incident Response and Security Teams, June 2007; www.first.org/cvsscvss-guide.html.
3. "Web Server Survey," Netcraft, Apr. 2010; http://news.netcraft.com/archives/2010/04/ 15april_2010_web_server_survey.html.
4. "Number of Interactions Involved in Software Failures—Empirical Data," Nat'l Inst. Standards and Technology, 2010; http://csrc.nist.gov/groups/SNS/actsftfi.html .