Software Bugs: Gotta Catch ‘Em All?

Beyond ‘Patch or Perish’ – CISOs’ Risk-Based Approach to Fixing Vulnerabilities

Every week seems to bring a fresh installment of “patch or perish.”

For those not in the know, that vulnerability cat-and-mouse game goes like this: IT teams race to test and apply newly released, critical updates to software and systems – under cover of mitigating or compensating controls – before hackers create and field working exploits for the flaws the patches fix.

Such efforts continue nonstop. Risk Based Security’s VulnDB team, for example, counted 11,092 newly disclosed vulnerabilities during the first half of 2019. Public exploits existed for 34 percent of those flaws, 53 percent of all of the vulnerabilities could be exploited remotely and nearly 5 percent of all of the bugs also affected security software.

Some weeks are worse than others….
