RiskBasedPrioritization
diff --git a/‎print_page/index.html‎
Lines changed: 3 additions & 0 deletions b/‎print_page/index.html‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎risk/Takeaway/index.html‎
Lines changed: 3 additions & 0 deletions b/‎risk/Takeaway/index.html‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎search/search_index.json‎
Lines changed: 1 addition & 1 deletion b/‎search/search_index.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎sitemap.xml.gz‎
0 Bytes b/‎sitemap.xml.gz‎
0 Bytes
@@ -5082,6 +5082,9 @@ <h2 id="risk-takeaway-requirements-for-a-risk-based-prioritization-scheme-for-fi
 </li>
 </ol>
 </li>
+<li><strong>Extensible</strong></li>
+<li>Organizations may want to extend, customize, or optimize a <abbr title="The likelihood of a vulnerability being exploited and the potential impact of such an exploit on an organization.">Risk</abbr> Based Prioritization Scheme for their environment e.g. change the prioritization associated with a data source or add a new data source.</li>
+<li>Some schemes do this by design e.g. <a href="https://github.com/CERTCC/SSVC"><abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr></a> "<abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr> aims to avoid one-size-fits-all solutions in favor of a modular decision-making system with clearly defined and tested parts that vulnerability managers can select and use as appropriate to their context."</li>
 </ol>
 <h2 id="risk-takeaway-risk-based-prioritization-summary-against-requirements"><abbr title="The likelihood of a vulnerability being exploited and the potential impact of such an exploit on an organization.">Risk</abbr> Based Prioritization Summary against Requirements<a class="headerlink" href="#risk-takeaway-risk-based-prioritization-summary-against-requirements" title="Permanent link">&para;</a></h2>
 <table>
 
@@ -1494,6 +1494,9 @@ <h2 id="requirements-for-a-risk-based-prioritization-scheme-for-first-pass-triag
 </li>
 </ol>
 </li>
+<li><strong>Extensible</strong></li>
+<li>Organizations may want to extend, customize, or optimize a <abbr title="The likelihood of a vulnerability being exploited and the potential impact of such an exploit on an organization.">Risk</abbr> Based Prioritization Scheme for their environment e.g. change the prioritization associated with a data source or add a new data source.</li>
+<li>Some schemes do this by design e.g. <a href="https://github.com/CERTCC/SSVC"><abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr></a> "<abbr title="SSVC Stakeholder-Specific Vulnerability Categorization">SSVC</abbr> aims to avoid one-size-fits-all solutions in favor of a modular decision-making system with clearly defined and tested parts that vulnerability managers can select and use as appropriate to their context."</li>
 </ol>
 <h2 id="risk-based-prioritization-summary-against-requirements"><abbr title="The likelihood of a vulnerability being exploited and the potential impact of such an exploit on an organization.">Risk</abbr> Based Prioritization Summary against Requirements<a class="headerlink" href="#risk-based-prioritization-summary-against-requirements" title="Permanent link">&para;</a></h2>
 <table>