The complexity of prioritising patching-Reference-Cited by-同舟云学术

The complexity of prioritising patching

Published:2019-07 Issue:7 Volume:2019 Page:6-9
ISSN:1353-4858
Container-title:Network Security
language:en
Short-container-title:Network Security

Author:

Roytman Michael¹,Jacobs Jay²

Affiliation:

1. Kenna Security

2. Cyentia Institute

Abstract

As American journalist and essayist HL Mencken once wrote: “For every complex problem there is a solution that is concise, clear, simple, and wrong.” Anyone working in or around vulnerability remediation knows the apparently ‘simple’ task of applying a patch is anything but. The vulnerability lifecycle is filled with pitfalls and deceptively complex tasks. Anyone working in or around vulnerability remediation knows that the apparently ‘simple’ task of applying a patch is anything but. The vulnerability lifecycle is filled with pitfalls. The time and effort needed to remediate any single vulnerability across an entire enterprise are often underestimated. This creates an obvious and urgent demand for prioritisation, which requires we understand more about the world of vulnerabilities. Michael Roytman of Kenna Security and Jay Jacobs at the Cyentia Institute explore what the open vulnerability landscape looks like and investigate multiple factors contributing to the remediation efforts.

Publisher

Mark Allen Group

Subject

Information Systems and Management,Computer Networks and Communications,Safety, Risk, Reliability and Quality

Link

http://www.magonlinelibrary.com/doi/pdf/10.1016/S1353-4858%2819%2930082-0

Reference3 articles.

1. Prioritisation to Prediction, Volume 1: Analysing Vulnerability Remediation Strategies’. Kenna Security/Cyentia Institute; www.kennasecurity.com/prioritization-to-prediction-report/images/Prioritization_to_Prediction.pdf accessed June 2019

2. ‘Prioritisation to Prediction, Volume 2: Getting Real About Remediation’. Kenna Security/Cyentia Institute; https://www.kennasecurity.com/prioritization-to-prediction-report-volume-two/images/Getting_Real_About_Remediation.pdf accessed June 2019

3. ‘Prioritisation to Prediction, Volume 3: Winning the Remediation Race’. Kenna Security/Cyentia Institute; https://www.kennasecurity.com/prioritization-to-prediction-report-volume-three/images/Prioritization_To_Prediction_Winning_the_Remediation_Race_digital.pdf accessed June 2019

Cited by 6 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Responses of the European IoT Ecosystem to the European General Data Protection Regulation;2023-12-12

2. Merging FMEA and Digital Twins to Improve Trustfulness;2023 7th International Conference on System Reliability and Safety (ICSRS);2023-11-22

3. Effects of the GDPR in Southeast Asia vs. Europe - A Large-Scale Analysis of IoT Devices;2023 IEEE 8th International Conference On Software Engineering and Computer Systems (ICSECS);2023-08-25

4. SmartPatch: A patch prioritization framework;Computers in Industry;2022-05

5. Twin Based Continuous Patching To Minimize Cyber Risk;European Journal for Security Research;2021-12