Tom Alrich's Blog

Friday, July 18, 2025

The NVD can fix their problem if they want to

›
Bruce Lowenthal, Senior Director of Product Security for Oracle, has been following the ups and downs (mostly the latter) of the National Vu...
Wednesday, July 16, 2025

NERC CIP: When you move your BCS to the cloud, don’t expect a lot of love from the CSP

›
The NERC “Project 2023-09 Risk Management for Third-Party Cloud Services” Standards Drafting Team has been meeting for more than a year. T...
Monday, July 14, 2025

Will version ranges ever work?

›
  I’ve come to realize that version ranges are perhaps the biggest problem in vulnerability management. Here’s why I say that: 1.       ...
Thursday, July 10, 2025

Is CPE on the way out?

›
In September 2022, a group that I lead, the SBOM Forum – now the OWASP SBOM Forum – published a white paper that described a number of s...
›
Home
View web version

About Me

My photo
Tom Alrich
View my complete profile
Powered by Blogger.