15th May, 2018, By Ericka Chickowski
CVSS scores alone are ineffective risk predictors - modeling for likelihood of exploitation also needs to be taken into account.
The way that organizations today decide which software vulnerabilities to fix and which to ignore reduces risk no better than if they rolled dice to choose, according to a new study today from Kenna Security and Cyentia Institute. The report's authors argue that enterprises need to get smarter about how they prioritize flaws for remediation if they want to really make a dent in their risk exposure.
Full Article.
Don't Roll the Dice When Prioritizing Vulnerability Fixes
+54Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.