1512, 2015

Cisco bases its new OpenVuln API on ICASI’s CVRF Standard

December 15th, 2015|Blog|

An eWeek article tells how Cisco’s release of its OpenVuln API, based on the ICASI Common Vulnerability Reporting Framework (CVRF) and other standards, is a further push by the company to make security advisories easier [...]

1506, 2015

ICASI helps drive first F2F of the Vulnerability Coordination SIG

June 15th, 2015|Blog|

This week I’m attending the 2015 FIRST Conference in Berlin ( to co-chair a meeting of the newly chartered Vulnerability Coordination SIG.  This SIG was born out of issues such as Heartbleed, which highlighted the [...]

2306, 2014

ICASI facilitates conversation around Coordination at FIRST

June 23rd, 2014|Blog|

In support of its efforts to facilitate industry-wide conversation around ways to improve vulnerability coordination, ICASI will be hosting two sessions on the topic during this week’sFIRST Conference in Boston. We encourage anyone who will [...]

1309, 2013

Trust. That’s Why.

September 13th, 2013|Blog|

The topic of ICASI arises often when I visit customers or talk with folks from both inside and outside of the computer and telecommunications industries. They typically ask a variety of questions ranging from “What [...]

1706, 2013

Vulnerability Response and Disclosure: One Size Does Not Fit All

June 17th, 2013|Blog|

[Notice: This blog post should not be interpreted in any way as representing the position of any particular ICASI member company, or a formal position statement from ICASI itself.] A recent blog post brought back [...]

3005, 2013

Security Automation Webcast

May 30th, 2013|Blog|

In today's world of near-constant updates and patching, keeping a network up-to-date and secure is no easy task. After all, every time a vendor discloses a security vulnerability, network security administrators must identify affected devices [...]