Leslie Forbes
Activity overview
Latest activity by Leslie Forbes-
Leslie Forbes created a post, CVSS - The Vector String
Vulnerabilities are defined in terms of an ID, a Name, Description and other details including platform info. Consumers of the data in a vulnerability description need to know the conventions for c...
-
Leslie Forbes created a post, Static Analysis - Updating NVD CVE data on an offline Axonius system
Offline Retrieval of NVD CVE Data Customers who operate their own instance of Axonius Platform which doesn’t have access to the internet will find they don’t have the ability to have Installed Soft...
-
Leslie Forbes created a post, Nomenclature and Terms
APT - Advanced Persistent Threat CIA - The so-called "CIA triad" of Confidentiality, Integrity, and Availability - when related to data CNA - CVE Numbering Authority CVE - Common Vulnerability Expo...
-
Leslie Forbes created a post, Common Vulnerability Scoring System - CVSS
Vulnerabilities abound in their 1000s, with 30,000 being added just in 2021! Each vulnerability reported is assigned a CVE ID by one of a number of numbering authorities, and contains a brief descr...
-
Leslie Forbes created a post, Vulnerability Assessment
Objective Users wishing to protect their computing systems are all too aware of the potential for their systems to be compromised. Compromise occurs when a vulnerability is exploited. It could be a...
-
Leslie Forbes created a post, Vulnerability Management - Core Concepts
What is a Vulnerability? Commonly, a vulnerability is a flaw in a system that weakens the overall security of the device/system (Wikipedia). Computers all use software to make them useful. The most...
-
Leslie Forbes created a post, Learning about Vulnerabilities
We're going on a journey through the minefield of Vulnerabilities, assessment, management and reporting. From a rather basic starting point - call it Vulnerabilities 101, if you will. Here are a se...
-
Leslie Forbes created a post, Microsoft Support Diagnostic Toolkit (msdt.exe) exploitable - CVE-2022-30190 (CVSS3 = 7.8)
UPDATE: June 14 - Microsoft has updated the information on the relevant page: "The update for this vulnerability is in the June 2022 cumulative Windows Updates. Microsoft strongly recommends that c...