Kevin Thompson edited this page Apr 30, 2014 · 25 revisions

Introduction

The Vocabulary for Event Recording and Incident Sharing (VERIS) is a framework and common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. VERIS targets this problem by helping organizations to collect useful incident-related information and to share that information - anonymously and responsibly - with others. The overall goal is to lay a foundation from which we can constructively and cooperatively learn from our experiences to better measure and manage risk.

The VERIS framework is made up of sub-sections for capturing metadata about a security incident, plus free-form text fields for information that doesn't fit well in the other fields. Its high-level fields come from the A4 Model (an Actor takes an Action against an Asset's Attributes). Additionally, the framework collects information about the victim organization, the timeline of the event, impact, discovery, and incident tracking. VERIS also includes a free-for-all section where organizations can add variables they want to collect that are not included in the framework.

Actor (main article: Actor)

Action

Asset

Attribute

Incident Tracking

Victim Demographics

Discovery & Response

Impact Assessment

Timeline
