NVD Banner
Vulnerabilities Checklists 800-53/800-53A Product Dictionary Impact Metrics Data Feeds Statistics
Home SCAP SCAP Validated Tools SCAP Events About Contact Vendor Comments
Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status

NVD contains:

55077 CVE Vulnerabilities
202Checklists
231 US-CERT Alerts
2690 US-CERT Vuln Notes
8140OVAL Queries

Last updated:  02/13/13

CVE Publication rate:

17 vulnerabilities / day
Email List

NVD provides five mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 8.08
About Us

NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security’s National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

Report a Vulnerability

Report an Incident

RSS Feed

Checklists

CVE

CCE

CPE

CVSS

XCCDF

OVAL

4th Annual IT Security Automation Conference
Information: Conference Agenda
Location:

National Institute of Standards and Technology (NIST)

Red Auditorium
Administration Building/ Bldg. 101
100 Bureau Dr.
Gaithersburg, MD 20899
Date: Conference - September 23rd and 24th, 2008
Workshops - September 22nd and 25th, 2008
Sponsors: National Institute of Standards and Technology (NIST)
National Security Agency
Defense Information Security Agency
Department of Homeland Security
Audience: Security Managers and Staff, IT Professionals Interested in Improving IT Security, Security Professionals Interested in Developing Security Content, Security Content Tool Vendors.

IT executives are particularly encouranged to attend the first day of the conference, which will focus on federal security automation use cases and lessons learned.
Format: Conference, lecture, workshop, vendor displays.
Purpose: Provide a common understanding for how using specific open standards enables automated:
  • Vulnerability and security configuration management,
  • Measurement for evaluation of the impact of discovered security issues, and
  • Policy (FISMA) compliance
Topics:
  • Security Content Automation Protocol (SCAP) Standards: CVE, CCE, CPE, CVSS, XCCDF, OVAL
  • Information Security Automation Program (ISAP)
  • Automating FISMA, HIPAA, PCI, STIG Compliance
  • Private Public Partnerships and Government Collaboration
  • Industry Requirements and Standards
  • Product Demonstrations
Presentations: http://nvd.nist.gov/2008-presentations.cfm
Logistics Contact: Angela Ellis
phone: (301) 975-3881
email: agellis@nist.gov
Vendors Contact: John Banghart
phone: (301) 975-8514
email: john.banghart@nist.gov
Presenter Contact: Stephen Quinn
phone: (301) 975-6967
email: stephen.quinn@nist.gov
Registration: http://www.nist.gov/public_affairs/confpage/080923.htm
Registration Fee: $95
Accommodations: A block of rooms has been reserved for the nights of Septermber 22-24, 2008 at the Holiday Inn Gaithersburg, Two Montgomery Village Avenue, Gaithersburg, MD 20879. The special rate is $109.00 per night plus 12% tax. Please contact the hotel directly at 301/948-8900. To make your reservation, mention that you are attending the "NIST/ 4th Annual Security Automation Conference and Workshop".