Glossary
CVSS
The Common Vulnerability Scoring System or CVSS is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. Scores are calculated based on a formula that depends on several metrics that approximate ease of exploit and the impact of exploit. Scores range from 0 to 10, with 10 being the most severe.
Mailmaps
These are the rules that must be followed at the time of documenting the mailmap:
- Use the email address
of the provider
over the one
of the client.
- Use
<[email protected]>
overEduardo Garcia
<[email protected]>
orEduardoGarcia
<[email protected]>
.
- Use
- Do not map by default
a non-corporate email
such as
userdeveloper <[email protected]>
. - In order to map a non-corporate email to a corporate one, written request from the client is required.
ToE
The Target of Evaluation or ToE is the product or system that will be the subject of the penetration testing done by Fluid Attacks. The ToE is mostly defined by specifying which git repositories and/or environments you want us to check by adding Git Roots and its environments in the Scope section of a group.
NOTE: This subsection of our documentation is under construction.