Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

NISTIR 7502

The Common Configuration Scoring System (CCSS): Metrics for Software Security Configuration Vulnerabilities

Date Published: December 2010

Author(s)

Peter Mell (NIST), Karen Scarfone (G2)

Abstract

Keywords

security configuration; security measurement; vulnerability measurement; vulnerability scoring
Control Families

Configuration Management; Risk Assessment;

Documentation

Publication:
NISTIR 7502 (DOI)
Local Download

Supplemental Material:
None available