AIVSS as demand signal for SSVC #788
ahouseholder
started this conversation in
Ideas
Replies: 1 comment
-
|
Cross-linking two threads started by @j--- in the OWASP project: |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
There is an active OWASP project to create an AI Vulnerability Scoring System (AIVSS): https://github.com/OWASP/www-project-artificial-intelligence-vulnerability-scoring-system
There are a number of ideas encapsulated in their vector elements that could be turned into SSVC decision points if we wanted to. This thread is to capture thoughts on how SSVC should adapt/respond to AIVSS in particular, but also to start conversations about adapting SSVC to model decisions in AI vulnerability/flaw response.
Beta Was this translation helpful? Give feedback.
All reactions