← Cybersecurity Alphabet Soup

CSAF

Common Security Advisory Framework

appsechard

CSAF is an OASIS standard for publishing security advisories in a structured, machine-readable JSON format instead of free-form web pages. It lets tools automatically match advisories against an organization's asset inventory and is the format that carries VEX statements. Adoption by major vendors and government agencies is making automated vulnerability triage practical at scale.

Sources

More in appsec