From the course: SecOps on Google Distributed Cloud (GDC) for Tier 3 Analysts by Google
Join today to access over 25,500 courses taught by industry experts.
Common Vulnerability Scoring System (CVSS) - Google Cloud Platform Tutorial
From the course: SecOps on Google Distributed Cloud (GDC) for Tier 3 Analysts by Google
Common Vulnerability Scoring System (CVSS)
- [Instructor] The final threat modeling technique is the Common Vulnerability Scoring System, CVSS. This methodology provides a way to capture the principle characteristics of a vulnerability and produce a numerical score reflecting its severity. This score can then be used to prioritize response and mitigation efforts based on the risk posed by the vulnerability. CVSS is invaluable for a GDC environment due to its ability to standardize the assessment and prioritization of vulnerabilities across distributed systems. This ensures efforts focus on the most critical issues first. How does it work? First, CVSS evaluates the intrinsic qualities of a vulnerability that are constant over time and user environments. These include metrics such as attack vector, attack complexity, privileges required, user interaction, scope and impact, confidentiality, integrity, and availability. Next, CVSS adjusts the base score based on…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
Module overview27s
-
(Locked)
The modern threat landscape1m 58s
-
(Locked)
Introduction to threat modeling3m 29s
-
(Locked)
The threat modeling process1m 26s
-
(Locked)
Threat modeling frameworks2m 27s
-
(Locked)
Threat modeling frameworks at Cymbal Federal1m 42s
-
(Locked)
Threat intelligence feeds4m 14s
-
(Locked)
Introduction to modeling techniques1m
-
(Locked)
Spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE)2m 15s
-
(Locked)
STRIDE at Cymbal Federal.mp43m 33s
-
(Locked)
Process for attack simulation and threat analysis (PASTA)2m 8s
-
(Locked)
PASTA at Cymbal Federal3m 13s
-
(Locked)
Common Vulnerability Scoring System (CVSS)1m 42s
-
(Locked)
CVSS at Cymbal Federal2m 43s
-
(Locked)
Selecting a threat modeling technique1m 15s
-
(Locked)
SecOps-specific tools for threat modeling3m 21s
-
(Locked)
SecOps-specific tools at Cymbal Federal2m
-
(Locked)
Threat mapping3m 6s
-
(Locked)
Best practices for effective threat3m 45s
-
(Locked)
Module summary1m 6s
-
(Locked)
-
-