Safeguard
Tag

cvss

Safeguard articles tagged "cvss" — guides, analysis, and best practices for software supply chain and application security.

47 articles

Concepts

Understanding CVSS Scores

CVSS turns a vulnerability's characteristics into a number from 0 to 10 and a severity label. Here is what the score actually measures, how the metrics combine, and why the number alone should never drive your patching.

Jul 2, 20266 min read
Tutorials

How to Read a CVE: A Beginner's Guide

A plain-language walkthrough of what a CVE record contains and how to read one — the ID, description, CVSS score, CWE, affected versions, and whether a fix exists.

Jul 1, 20265 min read
Vulnerability Analysis

Understanding CVSS scoring for vulnerabilities

CVSS scores run 0-10, but a 9.8 doesn't always mean patch tonight. Here's how base scores are calculated and why context beats the number.

Jun 2, 20267 min read
Vulnerability Management

CVE explained: how vulnerabilities get identified and scored

A CVE ID and its CVSS score come from different organizations entirely. Here's how identification and severity scoring actually work, using Log4Shell and the 2024 NVD backlog as examples.

May 27, 20267 min read
Vulnerability Analysis

CVE scoring inconsistencies across vulnerability databases

Why the same CVE can carry three different severity scores across NVD, GitHub, and vendor advisories — and how to prioritize anyway.

May 1, 20266 min read
Vulnerability Analysis

The NVD backlog and its impact on vulnerability management

The NVD backlog leaves thousands of CVEs unscored each month, forcing security teams to rethink how they prioritize and triage vulnerabilities.

May 1, 20266 min read
Vulnerability Management

Vulnerability prioritization: moving beyond CVSS scores

CVSS scores flood teams with thousands of "Critical" findings, but fewer than 5% of CVEs are ever exploited. Here's how reachability and exploit data fix triage.

Apr 25, 20267 min read
Comparisons

Reachability Analysis vs EPSS vs CVSS: Prioritization Showdown

CVSS scores severity, EPSS predicts exploitation, reachability proves applicability. A spec-level comparison of the three signals — and the order to apply them.

Apr 14, 20266 min read
Application Security

What is a Vulnerability Assessment

A vulnerability assessment finds and ranks security weaknesses at scale — here's how it differs from a pentest, its five-step process, and reporting essentials.

Apr 13, 20268 min read
Application Security

What is an Application Vulnerability

A flaw in code, config, or a dependency that attackers can exploit. Learn the types, scoring, and how vulnerabilities differ from risk and threats.

Apr 10, 20267 min read
Vulnerability Analysis

What is a CVE (Common Vulnerabilities and Exposures)

A CVE is a unique ID for a known security flaw, but how it's assigned, scored, and disclosed is far messier than the name suggests.

Apr 9, 20267 min read
Vulnerability Management

Why EPSS scores matter for vulnerability management

EPSS scores predict real-world exploitation probability, something CVSS can't do. Here's why that matters for Prisma Cloud users, and how Safeguard uses it.

Apr 9, 20267 min read
cvss (Page 2) — Safeguard Blog