Gartner Blog Network

Category: 'vulnerability-management' Blog Posts

from the Gartner Blog Network

Our new Vulnerability Assessment Tools Comparison is out!

by Augusto Barros  |  August 2, 2017

Vulnerability assessment is usually seen as a boring topic and most people think the scanners are all equal - reaching the "commodity" status. Well, for basic scanning capabilities, that's certainly...

Read more »

Update to our Vulnerability Management Guidance Doc

by Augusto Barros  |  June 22, 2017

Our updated Vulnerability Management Guidance document has just been published. It is a refinement to the guidance framework we created a couple of years ago. The focus on this one...

Read more »

WannaCry or Useful Reminders of the Realities of Vulnerability Management

by Anton Chuvakin  |  May 18, 2017

WannaCry whatever. Not that I am keyword trawling, but this recent Windows XP/NSA/North Korea/ransomware/bitcoin/OMG drama made me think about good old vulnerability management again – especially given that it is...

Read more »

Paper on Pentesting and Red Teams is OUT!

by Augusto Barros  |  April 18, 2017

As anticipated here, my short paper on pentesting and red teams is finally out. It was a fun paper to write as it follows a new model for us, GTP...

Read more »

So You Want To Build A SOC?

by Augusto Barros  |  October 17, 2016

Now you can! But should you do it? As anticipated here and here, our new paper about how to plan, design, operate and evolve a Security Operations Center is out! This...

Read more »

Notes From My First Security Summit

by Augusto Barros  |  July 5, 2016

I've finally found some time to collect my notes and impressions from my first Gartner Security and Risk Management Summit, back in June. I delivered one full session on Vulnerability...

Read more »

Is It Really Failing That Bad?

by Augusto Barros  |  December 8, 2015

One of Gartner's 2016 predicts documents includes a very interesting finding about vulnerabilities being exploited:  Existing vulnerabilities remain prevalent throughout the threat landscape, as 99.99% of exploits are based on...

Read more »

Our Vulnerability Assessment Vulnerability Management Research Publishes

by Anton Chuvakin  |  November 24, 2015

It is with much excitement that I announce that our (Augusto’s and mine) batch of three VA/VM papers have published. The documents are linked below (Gartner GTP access required): A...

Read more »

It's Here! Our New VM And VA Papers Have Been Published

by Augusto Barros  |  November 17, 2015

I'm very happy to announce that my first research papers have just been published on Gartner.com! These documents are the result of the work Anton and I did on Vulnerability...

Read more »

Vulnerability Management #1 Problem - After All These Years!

by Anton Chuvakin  |  October 13, 2015

It is 2015 – so how come we don’t know which system vulnerabilities to fix first?! Depending on how one counts, the first vulnerability assessment (VA) tools (aka “vulnerability scanners”)...

Read more »