How you deal with vulnerabilities is critical to your organisations approach to security. In far too many organisations, there simply isn't any defined vulnerability process. If someone finds something, it's reliant on the development team or worse, the supplier management team to understand it, prioritise it and put in a change request. The organisation as a whole has no real understanding of what it runs, and no ability to triage or prioritise vulnerabilities.
Cyberweekly #193 - Remaining vulnerable
Cyberweekly #193 - Remaining vulnerable
Cyberweekly #193 - Remaining vulnerable
How you deal with vulnerabilities is critical to your organisations approach to security. In far too many organisations, there simply isn't any defined vulnerability process. If someone finds something, it's reliant on the development team or worse, the supplier management team to understand it, prioritise it and put in a change request. The organisation as a whole has no real understanding of what it runs, and no ability to triage or prioritise vulnerabilities.