Evaluation and Decision-Making System as Vulnerability Management Process in Information and Telecommunication Systems

Authors

  • Vadym Poddubnyi Kharkiv National University of Radio Electronics, Ukraine
  • Roman Gvozdov Kharkiv National University of Radio Electronics, Ukraine
  • Oleksandr Sievierinov Kharkiv National University of Radio Electronics, Ukraine
  • Vitalii Martovytskyi Kharkiv National University of Radio Electronics, Ukraine

DOI:

https://doi.org/10.30837/csitic52021232206

Keywords:

CVSS, risk management, ISMS, vulnerabilities, risks

Abstract

This article proposes a system for risk assessment and management of software vulnerabilities. Such a system should function as part of the security policy of information security management systems.

Published

2021-05-30

Issue

Section

RELIABILITY AND SAFETY ASSURANCE TECHNOLOGIES FOR COMPUTER AND INFORMATIONAL SYSTEMS