Reply to post: Who is "we", Kemosabe?

We're almost into the third decade of the 21st century and we're still grading security bugs out of 10 like kids. Why?

jake Silver badge

Who is "we", Kemosabe?

"We need to come up with a more dynamic process that takes in the CVSS score, but also factors in knowledge from the system."

Those of us in the business have been doing that very thing for decades, usually without bothering with the CVSS score as the superfluous thing that it is. Got anything new to share with us, Rogers?

(Note: I matters not one whit what you tell Management, all they care about is the bottom line. If your solution can turn a profit, you're Golden. If it's a cost center, they will fight it tooth and nail. Turn broken security into a real, not imagined, cost center (with numbers!) and Bob's your Auntie.)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon