|
+2 for using CPE
{Masato Terada}
Hitachi Incident Response Team
+1 for using CPE
I would support using CPE as a SHOULD in this case. It's what we've standardized on as a product identifier.
CPE is not without its limitations, but it's better than a free form text field. Although, for giggles, you should look up Internet Explorer in the CPE dictionary at the NVD site...
--
iDefense, Director of Product Management
I have concerns about the Cybox "software" object, and how it is so free-form with no real limitations.
Based on experience of trying to map things based on software names, it will descend into a mess. You will have some vendors using the word "MSIE" and others using "Microsoft IE" and others using "Internet Explorer" and others using "Microsoft Internet Explorer",
all in the same field (this is just one example).
Should we perhaps instead look to use CPE? Or at least suggesting using CPE where it fits as a
SHOULD ? Why are we reinventing the wheel when CPE solved this...
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
http://www.ibm.com/security |
http://www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
This email and any attachments thereto may contain private, confidential, and/or privileged material for the sole use of the intended recipient. Any review, copying, or distribution of this email (or any attachments thereto) by others is strictly prohibited.
If you are not the intended recipient, please contact the sender immediately and permanently delete the original and any copies of this email and any attachments thereto.
|