# References

AusCERT. (2024). *AusCERT RFC 2350: Description of AusCERT’s Incident Response Service*. <https://auscert.org.au/publications/policies-and-agreements/auscert-rfc2350/>

Bappenas. (2024). *Peta Okupasi Nasional*. <https://petaokupasi.bappenas.go.id/>

Booth, H., Rike, D., & Witte, G. (2013). The National Vulnerability Database (NVD): Overview. *ITL Bulletin*. <https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=915172>

BSSN. (2019). *Peta Okupasi Nasional Keamanan Siber*. <https://www.bssn.go.id>

BSSN. (2021). *COMPUTER SECURITY INCIDENT RESPONSE TEAM (CSIRT) STARTER KIT v1.0*.

BSSN. (2024). *Peraturan Badan Siber dan Sandi Negara Nomor 1 Tahun 2024 tentang Pengelolaan Insiden Siber*.

Bugcrowd. (2022). *Reporting a Bug*. <https://docs.bugcrowd.com/researchers/reporting-managing-submissions/reporting-a-bug/>

CERT-Bund. (2024). *RFC 2350: CERT-Bund Description according to RFC 2350*. <https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/KRITIS/rfc2350_CERT-Bund_txt.html>

CERT-EU. (2024). *RFC2350: CERT-EU Description according to RFC 2350*. <https://www.cert.europa.eu/static/files/RFC2350.pdf>

Chaudhary, S., Gkioulos, V., & Katsikas, S. (2022). Developing metrics to assess the effectiveness of cybersecurity awareness program. *Journal of Cybersecurity*, *8*(1), tyac006. <https://doi.org/10.1093/cybsec/tyac006>

Chen, K. Y. (2021). *A Systematic Approach for Cybersecurity Risk Management* \[Massachusetts Institute of Technology]. <https://dspace.mit.edu/handle/1721.1/139995>

CISA. (2020). *Cyber Resilience Review (CRR) Resource Guide: Vulnerability Management*. <https://www.cisa.gov/sites/default/files/publications/CRR_Resource_Guide-VM_0.pdf>

CISA. (2024). *Traffic Light Protocol (TLP) Definitions and Usage*. <https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage>

Deputi III, B. (2024). *Peraturan Deputi Bidang Keamanan Siber dan Sandi Pemerintahan dan Pembangunan Manusia Nomor 1 Tahun 2024 Tentang Pedoman Pembentukan Tim Tanggap Insiden Siber Sektor Pemerintahan*.

Direktorat Operasi Keamanan Siber. (2023). *Lanskap Keamanan Siber Indonesia 2023*. <https://www.bssn.go.id/wp-content/uploads/2024/03/Lanskap-Keamanan-Siber-Indonesia-2023.pdf>

FIRST. (2015). Common Vulnerability Scoring System v3.0: Specification Document. *Forum of Incident Response and Security Teams (FIRST)*, 1–21. <https://www.first.org/cvss/cvss-v30-specification-v1.8.pdf>

FIRST. (2017). *Common Vulnerability Scoring System v3.0 Examples*. <https://www.first.org/cvss/cvss-v30-examples_v1.5.pdf>

FIRST. (2023). *CSIRT Services Framework v2.1*. <https://www.first.org/standards/frameworks/csirts/csirt_services_framework_v2.1>

Foreman, P. (2019). *Vulnerability Management* (2nd ed.). Auerbach Publications. <https://doi.org/10.1201/9780429289651>

Gartner. (2020). *A Guidance Framework for Developing and Implementing Vulnerability Management*. <https://www.gartner.com/en/documents/3747620>

Goel, J. N., & Mehtre, B. M. (2015). Vulnerability Assessment & Penetration Testing as a Cyber Defence Technology. *Procedia Computer Science*, *57*, 710–715. <https://doi.org/10.1016/j.procs.2015.07.458>

Government of South Australia. (2021). *Vulnerability Management and Patching Guideline (SACSF-G11.0)*. <https://www.security.sa.gov.au/documents/documents/SACSF-G11.0-Vulnerability-management-and-Patching-Guideline.pdf>

*Guidelines for Cyber Security Incidents*. (2024). <https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-cyber-security-incidents>

Hanford, S., & Heitman, M. (2015). Common Vulnerability Scoring System v3.0: User Guide. *FIRST-Forum of Incident Response and Security Teams*, 1–15. <https://www.first.org/cvss/cvss-v30-user_guide_v1.5.pdf>

Huawei. (2023). *Huawei Vulnerability Management White Paper 2023*.

IoT Security Foundation. (2021). *Vulnerability Disclosure Best Practice Guidelines, Release 2.0*. <https://www.iotsecurityfoundation.org/wp-content/uploads/2021/09/IoTSF-Vulnerability-Disclosure-Best-Practice-Guidelines-Release-2.0.pdf>

ISO. (2018). *ISO/IEC 29147:2018 Information technology – Security techniques – Vulnerability disclosure* (Issue ISO/IEC 29147:2018). <https://www.iso.org/standard/72311.html>

ISO. (2019). *ISO/IEC 30111:2019 Information technology – Security techniques – Vulnerability handling processes* (Issue ISO/IEC 30111:2019). <https://www.iso.org/standard/69725.html>

JPCERT/CC. (2024). *About JPCERT/CC*. <https://www.jpcert.or.jp/english/about/>

Kissoon, T. (2022). *Optimal Spending on Cybersecurity Measures: Risk Management*. Routledge. <https://www.routledge.com/Optimal-Spending-on-Cybersecurity-Measures-Risk-Management/Kissoon/p/book/9781032061412>

Knerler, K., Parker, I., & Zimmerman, C. (2022). *11 Strategies of a World-Class Cybersecurity Operations Center*.

Matwyshyn, A. M., Cui, A., Keromytis, A. D., & Stolfo, S. J. (2010). Ethics in security vulnerability research. *IEEE Security & Privacy*, *8*(2), 67–72. <https://doi.org/10.1109/MSP.2010.67>

Mohammed, A. H. Y., Dziyauddin, R. A., & Latiff, L. A. (2023). Current Multi-factor of Authentication: Approaches, Requirements, Attacks and Challenges. *International Journal of Advanced Computer Science and Applications*, *14*(1). <https://doi.org/10.14569/IJACSA.2023.0140119>

National Cyber Security Centre. (2022). *Vulnerability Disclosure Toolkit*. <https://www.ncsc.gov.uk/files/NCSC-Vulnerability-disclosure-Toolkit-v2.pdf>

NIST. (2012a). *Computer Security Incident Handling Guide* (Issue SP 800-61 Revision 2). <https://doi.org/10.6028/NIST.SP.800-61r2>

NIST. (2012b). *Guide for Conducting Risk Assessments* (Issue NIST Special Publication 800-30 Revision 1). <https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf>

NIST. (2024). *National Vulnerability Database (NVD)*. <https://nvd.nist.gov/>

Office of the CISO. (2024). *Vulnerability management guidelines*.

OWASP Foundation. (2021). *OWASP Top Ten Web Application Security Risks*. <https://owasp.org/Top10/>

Pipyros, K. (2019). *A new systematic modelling methodology for improving cyber-attack evaluation on states’ Critical Information Infrastructure (CII) Kosmas Pipyros*.

Presiden Indonesia. (2019). *Peraturan Presiden Nomor 71 tahun 2019 tentang Penyelenggaraan Sistem dan Transaksi Elektronik*.

Recorded Future. (2022). *The Intelligence Handbook: A Roadmap for Building an Intelligence-Led Security Program* (4th ed.). Recorded Future.

Roytman, M., & Bellis, E. (2023). *Modern Vulnerability Management: Predictive Cybersecurity*. Artech. <http://ieeexplore.ieee.org/document/10121000>

Sarker, K. U., Yunus, F., & Deraman, A. (2023). Penetration Taxonomy: A Systematic Review on the Penetration Process, Framework, Standards, Tools, and Scoring Methods. *Sustainability*, *15*(13). <https://doi.org/10.3390/su151310471>

Scarfone, K. A., Souppaya, M., Cody, A., & Orebaugh, A. (2008). *Technical Guide to Information Security Testing and Assessment* (Issue 800-115). <https://doi.org/10.6028/NIST.SP.800-115>

Scarfone, K., & Souppaya, M. (2022). *Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology*. <https://doi.org/10.6028/NIST.SP.800-40r4>

Swanagan, M. (2024, March 1). *Vulnerability & Patch Management Metrics: Top 10 KPIs*. <https://purplesec.us/learn/vulnerability-management-metrics/>

University of Toronto. (2024). *Vulnerability Management Guidelines*. <https://security.utoronto.ca/wp-content/uploads/2024/01/vulnerability-management-guidelines-20240118.pdf>

US-CERT. (2020). *US-CERT InfoSheet v2*. <https://www.cisa.gov/sites/default/files/publications/infosheet_US-CERT_v2.pdf>


