Insights

Vulnerability Management

Vulnerability management is a dynamic cyclic process of identifying, accessing, reporting on, remediating and managing identified vulnerabilities across an IT ecosystem, with the ultimate goal of reducing the overall count of identified or unrealized vulnerabilities.

Guide
Guide
Vulnerability Management: Starter’s Guide
Read the article on Vulnerability Management to find out what it is, whether it is relevant to your business and what the first steps are.
Learn more
Blog
Blog
Log4j Vulnerability: It Is Still a Threat
The Log4j vulnerability, was first detected in December 2021. Log4j is an open-source Java library that is widely used by developers to monitor apps and captures logs. Cybersecurity experts...
Learn more
Leadership Brief
Leadership Brief
Responding to Critical Software Vulnerabilities
New software vulnerabilities are being discovered all the time and each provides an opportunity for cyber adversaries to disrupt your business. Where a new vulnerability affects a widely used...
Learn more
Analyst Chat
Analyst Chat
Analyst Chat #91: Vulnerability Management
Christopher Schütze provides the fundamentals for a pivotal topic in cybersecurity, namely how to create processes and systems for comprehensive and continuously improving vulnerability...
Learn more
Sustainable Vulnerability Management: Case Study by KuppingerCole
Event Recording
Sustainable Vulnerability Management: Case Study by KuppingerCole
For any large company, regulated or not, it is essential to have a mechanism or process for detecting vulnerabilities. For this purpose, various scanners exist that can automatically scan the...
Vulnerability Management (How Do I Do It Right, Where Do I Start)
Advisory Note
Vulnerability Management (How Do I Do It Right, Where Do I Start)
Vulnerability Management (VM) is a security practice that focuses on the process by which organizations identify, analyze, manage, and prevent the exploitation of IT vulnerabilities. If implemented...
Analyst Chat #143: Vulnerability Management: Emergency Patching and How to Deal with
Analyst Chat
Analyst Chat #143: Vulnerability Management: Emergency Patching and How to Deal with "Zero Days"
Sometimes Vulnerability Management has to take care of current threats very quickly: Christopher Schütze is today's guest in this episode and explains which processes are necessary when a...
Log4j Vulnerability: It Is Still a Threat
Blog
Log4j Vulnerability: It Is Still a Threat
The Log4j vulnerability, was first detected in December 2021. Log4j is an open-source Java library that is widely used by developers to monitor apps and captures logs. Cybersecurity experts...
Responding to Critical Software Vulnerabilities
Leadership Brief
Responding to Critical Software Vulnerabilities
New software vulnerabilities are being discovered all the time and each provides an opportunity for cyber adversaries to disrupt your business. Where a new vulnerability affects a widely used...
Prepare and Protect against Software Vulnerabilities
Leadership Brief
Prepare and Protect against Software Vulnerabilities
All software contains vulnerabilities that can be exploited by adversaries to attack the IT systems and data that organizations depend upon. It is essential that organizations have a vulnerability...
Analyst Chat #91: Vulnerability Management
Analyst Chat
Analyst Chat #91: Vulnerability Management
Christopher Schütze provides the fundamentals for a pivotal topic in cybersecurity, namely how to create processes and systems for comprehensive and continuously improving vulnerability...
Proper Patch Management Is Risk-Oriented
Blog
Proper Patch Management Is Risk-Oriented
With regard to cybersecurity, the year 2020 kicks off with considerable upheavals. Few days ago, my colleague Warwick wrote about the security problems that arise with some of Citrix's products...
Google Revelations Shatter Apple’s Reputation for Data Privacy
Blog
Google Revelations Shatter Apple’s Reputation for Data Privacy
It’s not been a good couple of weeks for Apple. The company that likes to brand itself as superior to rivals in its approach to security has been found wanting. Early in August it was forced...
Fine-Tuning ICS Threat Models to Prioritize Mitigations of the Most Vulnerable Devices
Webinar Recording
Fine-Tuning ICS Threat Models to Prioritize Mitigations of the Most Vulnerable Devices
When discussing the matters of industrial cybersecurity with IT experts, lamenting the historical divide between OT and IT seems to be a popular topic: you would often hear that the OT engineers...
1 2 Next