[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
- To: rholgstad <rholgstad@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security
- From: n3td3v <xploitable@xxxxxxxxx>
- Date: Mon, 1 Dec 2008 20:52:11 +0000
Maybe he thinks the same as you and is making fun of the Department of
Homeland Security, SANS Internet Storm Center etc.
On Mon, Dec 1, 2008 at 4:27 PM, rholgstad <rholgstad@xxxxxxxxx> wrote:
> and how does making a color based on these inputs protect people?
>
> Mike C wrote:
>> On Mon, Dec 1, 2008 at 4:21 AM, vulcanius <vulcanius@xxxxxxxxx> wrote:
>>
>>> By the way, I also noticed that the new site for your project has the
>>> current threat level as yellow. Is it safe to assume that you've already got
>>> your metric systems in place and running?
>>>
>>>
>>
>> Yes,
>>
>> We do have a working framework for color code generation. The inputs
>> to this function include
>>
>> *exploits released in the past week
>> - The severity of the exploit
>> - The application it was in
>> - The language
>> - estimated users of the software
>>
>> *The previous week's color
>>
>> *Localized nature of exploits.
>>
>> We cannot comment more on this until it is refined and standardized.
>> If you are (or know) an antivirus vendor, please contact me offline to
>> move ahead.
>>
>>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/