[SC-L] BSIMM: Confessions of a Software Security Alchemist (informIT)
Stephan Neuhaus
Stephan.Neuhaus at disi.unitn.it
Thu Mar 19 03:42:45 EST 2009
On Mar 18, 2009, at 23:14, Steven M. Christey wrote:
> I believe this is reflected in public CVE data. Take a look at the
> bugs
> that are being reported for, say, Microsoft or major Linux vendors
> or most
> any product with a long history, and their current number 1's are
> not the
> same as the number 1's of the past.
I am trying to get funding for a study that would address precisely
this issue. Here is a write-up that I made for the Master students
here at the University of Trento that explains in more detail what I'm
trying to do; perhaps someone on this list is interested in
collaborating: http://www.disi.unitn.it/~neuhaus/proposals/Security-Trends.pdf
Best,
Stephan
More information about the SC-L
mailing list