Deployed fbb7403 with MkDocs version: 1.5.3

Crashedmind · Crashedmind · commit 10b6c027da96 · 2024-03-13T19:58:01.000Z
diff --git a/epss/EPSS_Thresholds/index.html b/epss/EPSS_Thresholds/index.html
@@ -1863,12 +1863,7 @@ <h3 id="monte-carlo-simulation-for-a-typical-enterprise">Monte Carlo Simulation
 <p class="admonition-title">Recipe</p>
 <ol>
 <li>Take random % sample of CVEs <ol>
-<li>where, e.g. 20%, corresponds to ~44K CVEs of ~220K CVEs<ol>
-<li>where this number is chosen to be close to (but greater than
-    to give a worst case scenario) the ~40K CVEs observed in
-    the Cisco data set across 1000 enterprises</li>
-</ol>
-</li>
+<li>where, e.g. 20%, corresponds to ~44K CVEs of ~220K CVEs</li>
 </ol>
 </li>
 <li>Plot the result</li>
diff --git a/introduction/contributors/index.html b/introduction/contributors/index.html
@@ -1405,7 +1405,7 @@ <h1 id="contributors">Contributors<a class="headerlink" href="#contributors" tit
 <li>Maor Kuriel</li>
 <li>Patrick Garrity, VulnCheck</li>
 <li>Sasha Romanosky, <abbr title="Exploit Prediction Scoring System">EPSS</abbr> Co-creator, <abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> author</li>
-<li>Stephen Shaffer, Peleton</li>
+<li>Stephen Shaffer, Peloton</li>
 <li>Steve Finegan</li>
 </ul>
 
diff --git a/print_page/index.html b/print_page/index.html
@@ -1900,7 +1900,7 @@ <h2 id="introduction-introduction-notes">Notes<a class="headerlink" href="#intro
 <li>Maor Kuriel</li>
 <li>Patrick Garrity, VulnCheck</li>
 <li>Sasha Romanosky, <abbr title="Exploit Prediction Scoring System">EPSS</abbr> Co-creator, <abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> author</li>
-<li>Stephen Shaffer, Peleton</li>
+<li>Stephen Shaffer, Peloton</li>
 <li>Steve Finegan</li>
 </ul></section><section class="print-page" id="introduction-scope"><h1 id="introduction-scope-scope">Scope<a class="headerlink" href="#introduction-scope-scope" title="Permanent link">&para;</a></h1>
 <div class="admonition abstract">
@@ -4047,12 +4047,7 @@ <h3 id="epss-epss_thresholds-monte-carlo-simulation-for-a-typical-enterprise">Mo
 <p class="admonition-title">Recipe</p>
 <ol>
 <li>Take random % sample of CVEs <ol>
-<li>where, e.g. 20%, corresponds to ~44K CVEs of ~220K CVEs<ol>
-<li>where this number is chosen to be close to (but greater than
-    to give a worst case scenario) the ~40K CVEs observed in
-    the Cisco data set across 1000 enterprises</li>
-</ol>
-</li>
+<li>where, e.g. 20%, corresponds to ~44K CVEs of ~220K CVEs</li>
 </ol>
 </li>
 <li>Plot the result</li>
@@ -4170,9 +4165,11 @@ <h2 class='nav-section-title' id='section-stakeholder-specific-vulnerability-cat
 <p><img alt="🧑‍💻" class="twemoji" src="https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/svg/1f9d1-200d-1f4bb.svg" title=":technologist:" /> <a href="https://github.com/RiskBasedPrioritization/RiskBasedPrioritizationAnalysis/blob/main/cisa_ssvc_dt/DT_from_scratch.ipynb">Source Code</a> </p>
 </div>
 <h2 id="ssvc-ssvc-ssvc"><abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr><a class="headerlink" href="#ssvc-ssvc-ssvc" title="Permanent link">&para;</a></h2>
-<p><a href="https://certcc.github.io/SSVC/">Stakeholder-Specific Vulnerability Categorization</a> is proposed as an alternative to 
-<abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> Base Scores. <abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr> provides a method for developing vulnerability management decision models that are tailored to the
-specific needs of different stakeholders. </p>
+<p><a href="https://certcc.github.io/SSVC/">Stakeholder-Specific Vulnerability Categorization (<abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr>)</a> is an alternative methodology for prioritizing vulnerabilities. </p>
+<ul>
+<li>It is designed to address some of the issues with <abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> - including <abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> scoring. </li>
+<li>It provides a method for developing vulnerability management decision models that are tailored to the specific needs of different stakeholders. </li>
+</ul>
 <p>It is based on research performed by the <a href="https://www.sei.cmu.edu/about/divisions/cert/">CERT Division</a>
 of the <a href="https://www.sei.cmu.edu">Software Engineering Institute</a> (SEI) at <a href="https://www.cmu.edu">Carnegie Mellon University</a> (CMU):</p>
 <ul>
diff --git a/search/search_index.json b/search/search_index.json
diff --git a/sitemap.xml b/sitemap.xml
@@ -2,187 +2,187 @@
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/annex/Glossary/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/cisa_kev/cisa_kev/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/cvss/CVSS/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/epss/Applying_EPSS_to_your_environment/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/epss/EPSS_Thresholds/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/epss/EPSS_and_CISA_KEV/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/epss/Introduction_to_EPSS/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/epss/What_users_ask_for/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/includes/abbreviations/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/includes/epss_threshold/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/includes/plots_cvss_epss/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/includes/vendor_warning/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/includes/vulns_exploited/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/introduction/Introduction/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/introduction/Scope/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/introduction/code_and_data/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/introduction/contributors/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/introduction/foreword/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/introduction/preface/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/organizations/Yahoo/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/organizations/acme/Applied/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/requirements/Requirements/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/risk/Back_of_napkin/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/risk/Data_Sources/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/risk/Log4Shell/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/risk/Rbp_schemes/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/risk/Takeaway/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/risk/Understanding_Risk/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/risk/Vulnerability_Landscape/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/ssvc/SSVC/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/ssvc/decision_trees/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/ssvc/decision_trees_from_scratch/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/vendors/Edgescan/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/vendors/Microsoft_Exploitability_Index/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/vendors/Qualys/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
     <url>
          <loc>https://github.com/RiskBasedPrioritization/RiskBasedPrioritization.github.io/vendors/vendors/</loc>
-         <lastmod>2024-03-12</lastmod>
+         <lastmod>2024-03-13</lastmod>
          <changefreq>daily</changefreq>
     </url>
 </urlset>
diff --git a/sitemap.xml.gz b/sitemap.xml.gz
diff --git a/ssvc/SSVC/index.html b/ssvc/SSVC/index.html
@@ -1499,9 +1499,11 @@ <h1 id="stakeholder-specific-vulnerability-categorization-ssvc">Stakeholder-Spec
 <p><img alt="🧑‍💻" class="twemoji" src="https://cdn.jsdelivr.net/gh/jdecked/twemoji@15.0.3/assets/svg/1f9d1-200d-1f4bb.svg" title=":technologist:" /> <a href="https://github.com/RiskBasedPrioritization/RiskBasedPrioritizationAnalysis/blob/main/cisa_ssvc_dt/DT_from_scratch.ipynb">Source Code</a> </p>
 </div>
 <h2 id="ssvc"><abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr><a class="headerlink" href="#ssvc" title="Permanent link">&para;</a></h2>
-<p><a href="https://certcc.github.io/SSVC/">Stakeholder-Specific Vulnerability Categorization</a> is proposed as an alternative to 
-<abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> Base Scores. <abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr> provides a method for developing vulnerability management decision models that are tailored to the
-specific needs of different stakeholders. </p>
+<p><a href="https://certcc.github.io/SSVC/">Stakeholder-Specific Vulnerability Categorization (<abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr>)</a> is an alternative methodology for prioritizing vulnerabilities. </p>
+<ul>
+<li>It is designed to address some of the issues with <abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> - including <abbr title="Common Vulnerability Scoring System Standard. A framework for scoring the severity of vulnerabilities based on factors such as exploitability and impact.">CVSS</abbr> scoring. </li>
+<li>It provides a method for developing vulnerability management decision models that are tailored to the specific needs of different stakeholders. </li>
+</ul>
 <p>It is based on research performed by the <a href="https://www.sei.cmu.edu/about/divisions/cert/">CERT Division</a>
 of the <a href="https://www.sei.cmu.edu">Software Engineering Institute</a> (SEI) at <a href="https://www.cmu.edu">Carnegie Mellon University</a> (CMU):</p>
 <ul>
