Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2408.14937 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866910578507776000 |
|---|---|
| author | Wunder, Julia Aurich, Janik Benenson, Zinaida |
| author_facet | Wunder, Julia Aurich, Janik Benenson, Zinaida |
| contents | Security advisories have become an important part of vulnerability management. They can be used to gather and distribute valuable information about vulnerabilities. Although there is a predefined broad format for advisories, it is not really standardized. As a result, their content and form vary greatly depending on the vendor. Thus, it is cumbersome and resource-intensive for security analysts to extract the relevant information. The Common Security Advisory Format (CSAF) aims to bring security advisories into a standardized format which is intended to solve existing problems and to enable automated processing of the advisories. However, a new standard only makes sense if it can benefit users. Hence the questions arise: Do security advisories cause issues in their current state? Which of these issues is CSAF able to resolve? What is the current state of automation?
To investigate these questions, we interviewed three security experts, and then conducted an online survey with 197 participants. The results show that problems exist and can often be traced back to confusing and inconsistent structures and formats. CSAF attempts to solve precisely these problems. However, our results show that CSAF is currently rarely used. Although users perceive automation as necessary to improve the processing of security advisories, many are at the same time skeptical. One of the main reasons is that systems are not yet designed for automation and a migration would require vast amounts of resources. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2408_14937 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | From Chaos to Consistency: The Role of CSAF in Streamlining Security Advisories Wunder, Julia Aurich, Janik Benenson, Zinaida Cryptography and Security Security advisories have become an important part of vulnerability management. They can be used to gather and distribute valuable information about vulnerabilities. Although there is a predefined broad format for advisories, it is not really standardized. As a result, their content and form vary greatly depending on the vendor. Thus, it is cumbersome and resource-intensive for security analysts to extract the relevant information. The Common Security Advisory Format (CSAF) aims to bring security advisories into a standardized format which is intended to solve existing problems and to enable automated processing of the advisories. However, a new standard only makes sense if it can benefit users. Hence the questions arise: Do security advisories cause issues in their current state? Which of these issues is CSAF able to resolve? What is the current state of automation? To investigate these questions, we interviewed three security experts, and then conducted an online survey with 197 participants. The results show that problems exist and can often be traced back to confusing and inconsistent structures and formats. CSAF attempts to solve precisely these problems. However, our results show that CSAF is currently rarely used. Although users perceive automation as necessary to improve the processing of security advisories, many are at the same time skeptical. One of the main reasons is that systems are not yet designed for automation and a migration would require vast amounts of resources. |
| title | From Chaos to Consistency: The Role of CSAF in Streamlining Security Advisories |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2408.14937 |