Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kempy
Newcomer III
‎09-17-2018 06:07 AM
‎09-17-2018 06:07 AM

us-cert bulletins - Department Broken, nothing seems to be assessed and backlog growing.

Recent bulletins seem to have very few if not none of the growing backlog categorized.

 

See for your self at https://www.us-cert.gov/ncas/bulletins/  currently 279 not yet calculated

 

Now if there is a problem here then surely this means your Vendors may not be including these into there detection's thus widening the gap on what gets patched, or at the very least prioritized.

 

Surely this is bad for global security but good for US intel/signals groups having easier targets.

 

Why is the US-Cert the only cert capable of producing these notifications, Why are none of the other Global Certs doing anything similar? 

 

Is the problem is actually upstream with NIST NVD?

 

Anybody know anything different, is this US policy change(making rest of world pay its fair share)??

Reply
0 Kudos
1 Reply
Early_Adopter
Community Champion
‎09-17-2018 06:40 AM
‎09-17-2018 06:40 AM

No further info on the CVE but just as context/an aside VirusTotal did look to reduce the access to less enthusiastic participants.

 

https://www.theregister.co.uk/2016/05/09/security_freeloaders_not_welcome_as_virustotal_gets_tough/

 

https://blog.virustotal.com/2016/05/maintaining-healthy-community.html

 

Reply
0 Kudos