Myriam, class of 2025, presented her first academic paper at the European Conference on Cyber Warfare and Security (ECCWS). Her research questions the current vulnerability assessment models in cybersecurity.
This international experience marks an essential step in her professional and academic journey.
From ESILV to Cybersecurity Research: A First Step Forward
As a cybersecurity engineering student specialising in Cybersecurity & IoT Trust at ESILV and an apprentice at Thales Digital Factory, Myriam attended the 24th European Conference on Cyber Warfare and Security in Kaiserslautern, hosted by the German Research Center for Artificial Intelligence (DFKI).
She took part in the event as a speaker, presenting her first academic paper titled “Beyond the CVSS: Rethinking the Contextualisation of CVEs in a Connected World.”
The ECCWS brings together researchers, practitioners, and defense specialists from across Europe to discuss the evolving cyber threat landscape and share innovative approaches to security.
Rethinking CVE prioritisation methods
In her research, Myriam Ouraou critically analyses the limitations of relying solely on the Common Vulnerability Scoring System (CVSS) to prioritize vulnerabilities. While widely adopted, the CVSS score lacks the contextual depth needed to address today’s complex environments.
The paper examines complementary approaches that consider operational, technical, and business-specific factors.
One of the key issues raised concerns the heavy reliance on the U.S.-based National Vulnerability Database (NVD), which has experienced delays and partial disruptions since early 2024. This has impacted organisations’ ability to assess threats effectively based on complete data.
By proposing a maturity model for vulnerability management processes, the paper emphasizes the importance of tailoring security efforts to the unique characteristics of each environment and advocates for the development of more autonomous and independent analysis frameworks.
From restricted cloud to academic recognition
At Thales Digital Factory, Myriam has been working on automating vulnerability management within a restricted cloud environment.
Her objective is to industrialize processes and improve operational efficiency through intelligent tooling. The research she presented at ECCWS is directly rooted in this hands-on experience.
This conference participation reflects a growing engagement in applied research within the ESILV engineering curriculum, particularly among students in apprenticeship programs that combine academic and corporate experiences.
About the ECCWS
Since 2002, the European Conference on Cyber Warfare and Security has provided a platform for cybersecurity professionals and researchers to share insights on strategy, defense mechanisms, and technological innovations.
As of 2022, all ECCWS proceedings are open access, allowing universities and professionals worldwide to consult published research freely.
Interested in the Cybersecurity & IoT Trust specialisation at ESILV? Lean more.
This post was last modified on 15 July 2025 3:26 pm