Skip to content

Other Resources

Below are links to other resources that provide additional information about SSVC.

SSVC Sightings

We keep a running list of articles and other SSVC sightings in a GitHub Discussion

Videos

Provided below are videos that provide an overview of SSVC and the implementation of decision models.

Source Video
SEI Podcast Series A Stakeholder-Specific Approach to Vulnerability Management
CISA SSVC On-Demand Training
Nucleus Security SSVC and Decision Trees
Nucleus Security Panel Discussion: Using Decision Trees for Vulnerability Prioritization with SSVC
Nucleus Security What is SSVC?
ICS Cybersecurity Academy Create your own SSVC decision tree for ICS patching
ICS Cybersecurity Academy SSVC: A great replacement for CVSS in ICS?
Waterfall Security Solutions Industrial Security Podcast Eps. 102: Stakeholder-Specific Vulnerability Categorization (SSVC)

Other Content

We've collected a list of articles and blog posts that provide additional information about SSVC.

Source Link
SEI Prioritizing Vulnerability Response with a Stakeholder-Specific Vulnerability Categorization
CISA Stakeholder-Specific Vulnerability Categorization (SSVC)
Qualys Effective Vulnerability Management with Stakeholder Specific Vulnerability Categorization (SSVC) and Qualys TruRisk
Vulcan Cyber The SSVC risk prioritization method: what it is, when to use it, and alternatives

Missing Something?

Have a link to something we missed? Let us know in an issue.