This group brings together the best thinkers on energy and climate. Join us for smart, insightful posts and conversations about where the energy industry is and where it is going.

Richard Brooks's picture
Co-Founder and Lead Software Engineer Reliable Energy Analytics LLC

Inventor of patent pending (16/933161) technology: METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY and the Software Assurance Guardian™ (SAG ™) Point Man™ (SAG-PM™)...

  • Member since 2018
  • 1,424 items added with 584,387 views
  • Jan 18, 2022
  • 593 views

The Log4j vulnerability that affected so many in the energy industry has highlighted the need to automate software vulnerability reporting by software vendors and enable software consumers to rapidly perform risk assessments whenever a new software vulnerability is reported. The existing "Security Bulletin", "read em and weep" approach is too inefficient, leaving our critical infrastructures vulnerable to cyber breaches over long periods of time. Automation is key to success - the only problem is "which vulnerability reporting format to use"? This article describes the various options available to report software vulnerabilities.

Discussions
Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »