Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:

Last updated: 12/27/2014 2:28:13 PM

CVE Publication rate: 18

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 7.33
About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

Third Annual Security Automation Conference Presentations

Below is a list of presentations from the 2007 Security Automation Conference. A list of presentations from the 2006 conference can be found here: http://nvd.nist.gov/scapconf.cfm

Day 1 Presentations
Presenter(s) Presentation
Margaret Myers - Principal Director, Deputy Assistant DoD Delivering the Power of Information
Tim Grance - Manager, Systems and Network Security Group - NIST SCAP Progress Report
Richard Hale - Chief Information Assurance Officer - DISA DISA Initiatives in Automating STIG Compliance
Sherrill Nicely - Deputy Associate Director - DNI Security Framework Convergence
John Streufert - Chief Information Security Officer - State Department Correlating Security Data Using SCAP Standards
Matt Barrett - Computer Security Division - NIST Federal Desktop Core Configuration
David Karmol - Standards Services Division - NIST NIST’s Standards Advisor for Iraq at Embassy Baghdad
Josh Shaul - Application Security, Inc. Securing Databases With an SCAP Compatible Toolset

Day 2 Presentations
Presenter(s) Presentation
Matt Barrett - Computer Security Division - NIST SCAP and Federal Desktop Core Configuration
Ron Ross - Computer Security Division - NIST FISMA Implementation
Tony Sager - Chief, Vulnerability Analysis & Operations Group - NSA Creating Value from Vulnerability
Peter Mell - National Vulnerability Database Program Manager - NIST SCAP Certification Testing
John Banghart - Booz Allen Hamilton SCAP Compliance Program
Kent Landfield - McAfee SCAP Initiatives - Our Opportunity To Excel
Sol Cates - SignaCert SCAP Methods – Present and Future
David Wilson - Xacta Xacta IA Manager - Automating Compliance for Security Operations
Ron Gula - CTO Tenable Network Security Agentless Configuration Auditing with Nessus
Clint Kreitner - The Center for Internet Security CIS Update

SCAP Workshop Presentations
Presenter(s) Presentation
Matt Barrett - NIST SCAP Nuts-n-Bolts
Matthew Wojcik - MITRE Enumerations: CVE, CCE, & CPE
Karen Scarfone - NIST CVSS V2 Tutorial
Jon Baker - MITRE Introduction to OVAL
Jon Baker - MITRE OVAL Definition Tutorial
Jon Baker - MITRE OVAL System Characteristics Tutorial
Jon Baker - MITRE OVAL Results Tutorial
Jon Baker - MITRE Intorduction to CRF