VERIS The Vocabulary for Event Recording and Incident Sharing

View project on GitHub


The Vocabulary for Event Recording and Incident Sharing (VERIS) is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS is a response to one of the most critical and persistent challenges in the security industry - a lack of quality information. VERIS targets this problem by helping organizations to collect useful incident-related information and to share that information - anonymously and responsibly - with others. The overall goal is to lay a foundation from which we can constructively and cooperatively learn from our experiences to better measure and manage risk. This site serves as a central hub for all things VERIS. On it, you will find information and resources for leveraging VERIS in your organization as well as interacting with the growing community of users. We hope you'll become part of that community, and help build a set of valuable information that benefits us all.

VERIS Resources

overview: A brief summary of VERIS and what it can do for you.

schema: The latest VERIS schema files are available on GitHub. We are currently on version 1.3.1 (currently in json format) and will be maintaining a regular update schedule from this time forward (probably annually or bi-annually).

documentation: This site is the primary source of supporting documentation pertaining to the VERIS Community schema. When the current update process is complete, it will provide additional guidance and commentary on the schema and its use.

data: The VERIS Community Database (VCDB) is an open and free repository of publicly-reported security incidents in VERIS format. You can grab the raw data and use for your own research.

Verizon's Data Breach Investigations Reports (DBIR) contain statistics from thousands of incidents classified using VERIS, and are available here.