The Anatomy of a Security Advisory

A security advisory is a summary of the work that Secunia Research performs to communicate standardized, validated and enriched vulnerability research on a specific software product version.

In the advisories, we issue Secunia Research criticality ratings and Common Vulnerability Scoring System (CVSS) metrics after a distinct analysis. This dual rating method allows for a much-improved means of prioritizing by criticality, delivering a review that includes product context and related security best practices.

A rejection advisory issued by the research team means we’ve determined it’s not worthy of your attention. This advisory comes if a vendor issues an advisory acknowledging vulnerabilities that we don’t believe to be valid, and that would have a product solution we aren’t recommending or are exceeding already. We send that out to save you considerable time.

If someone other than the vendor issues an advisory that we don’t believe to be valid, we discard it. We take that action so you don’t waste your time processing inconsequential vulnerability information.

The attached article discusses specific content and values found in a Secunia Security Advisory. For a high-level look at what can be found, check out this infographic.

Comments

The link to SAID-Anatomy.pdf is broken... 

Version history
Revision #: 1 of 1
Last update: Jul 08, 2020 01:38 PM