VINCE
VINCE copied to clipboard
CERTCC
VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web plat...
I participated in one case that was managed in VINCE. I have a couple thoughts on the platform. Not creating separate issues because there's quite a lot of them. You...
Please expand the Common Security Advisory Framework (CSAF) format when generating notes and sharing the notes through the API
I had a quick look at the CSAF files produced by CERT/CC's VINCE instance: The `revision_history` and `/document/tracking/version` information differs from the human readable advisory, e.g. `VU#572615`: CSAF: ``` "revision_history":...
I have the vision that VINCE should be federated. This would help to transport/share information between different VINCE instances (of different countries) - especially in joined cases. (Just think about...
In our coordination, we have a "standard process" that we apply for (almost) every coordination. It would be nice, if we could have a customizable workflow. For example (a rough...
Where is the hide feature to view cases that from the vendors point of view, we need to continue to participate in? We are getting used to VINCE and think...
I'd like to request a better way to differentiate between case numbers in new-post emails. Currently, each "new post" email lists the VU# only in the subject and not the...
Would be great to have an acknowledge checkbox or something for cases. Visual differentiation is crucial when there is many cases.
When transitioning from one team to another team in VINCETrack, can we have an email generated to make sure all parties are aware of the transition?
When I receive emails from VINCE about an update to a Case I am involved with. I end up needing to review the entire case very carefully to determine what...
