Software vulnerabilities exist despite the industry’s best efforts. It doesn’t matter if it is open source or custom code. It’s software, and it is going to have vulnerabilities. Knowing this, security professionals want to keep track of new vulnerabilities. There are a variety of ways to do so, but the most reliable methods will include feeds or reports from reputable sources.
Posted in Application Security | Comments Off on How accurate is CVSS scoring?