KEY TAKEAWAY
Flashpoint has found that the interval between disclosure and exploit availability appears to be shrinking. Security teams should make an effort to patch as soon as a fix is available. Organizations can maximize limited resources by improving their vulnerability identification and prioritization processes.
To protect the organization against cyber attacks, Vulnerability Management teams prioritize vulnerabilities for remediation, so that they can be addressed before threat actors can exploit them. However, security teams are reliant on how quickly vendors can produce solutions to identified vulnerabilities. To make matters more difficult, Flashpoint research shows that the time between disclosure and exploit availability is shortening, suggesting that organizations will have less time to patch. If they are not prepared, remediation processes could become incredibly strained.
Looking at each day over the last five years, as a rolling average, the time between vulnerability disclosure and exploit publication is shrinking. The takeaway is that patch teams must react more quickly to stay ahead of potential exploitation. This shorter interval could mean multiple…
