[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
- To: Mike C <mike.cartall@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
- From: rholgstad <rholgstad@xxxxxxxxx>
- Date: Mon, 01 Dec 2008 10:27:29 -0600
and how does making a color based on these inputs protect people?
Mike C wrote:
> On Mon, Dec 1, 2008 at 4:21 AM, vulcanius <vulcanius@xxxxxxxxx> wrote:
>
>> By the way, I also noticed that the new site for your project has the
>> current threat level as yellow. Is it safe to assume that you've already got
>> your metric systems in place and running?
>>
>>
>
> Yes,
>
> We do have a working framework for color code generation. The inputs
> to this function include
>
> *exploits released in the past week
> - The severity of the exploit
> - The application it was in
> - The language
> - estimated users of the software
>
> *The previous week's color
>
> *Localized nature of exploits.
>
> We cannot comment more on this until it is refined and standardized.
> If you are (or know) an antivirus vendor, please contact me offline to
> move ahead.
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/