The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Richard Brooks's picture
Co-Founder and Lead Software Engineer, Reliable Energy Analytics LLC

Dick Brooks is the inventor of patent 11,374,961: METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY and the Software Assurance Guardian™ (SAG ™) Point Man™ (SAG-PM™) software...

  • Member since 2018
  • 1,576 items added with 692,452 views
  • Feb 8, 2023

Many thanks to Steve Springett with the OWASP organization for documenting the differences between the NIST Vulnerability Disclosure Report standard and the many, differing, VEX proposals that are being floated. (Click Read More) below for Steve's analysis.

NIST VDR is the only stable standard available to report software vulnerabilities at the SBOM component level that also serves as an "attestation" showing that a software vendor has checked each component within an SBOM for vulnerabilities and reports the status to consumers within the VDR.


No discussions yet. Start a discussion below.

Richard Brooks's picture
Thank Richard for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member

Get Published - Build a Following

The Energy Central Power Industry Network® is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »