Here is what we have in mind for 2019:
- “A Guidance Framework for Developing and Implementing Vulnerability Management”, our epic treatise on how to VM, is going to be refreshed and perhaps a bit shortened (now at 39 pages). Sadly, we will have to throw in more stuff on remediation and patching since people keep asking about it.
- “A Comparison of Vulnerability and Security Configuration Assessment Solutions” will be recast into a new document type (Gartner GTP Solution Comparison) and of course refreshed. Yes, people still call us with questions about vulnerability scanner choice…
- A new document focused on vulnerability management in modern IT, such as DevOps, containers and public cloud (scope is still being beaten down; it is still fuzzy…).
CALL TO ACTION:
- If you are a vendor, READ THIS before scheduling a briefing! In fact, just read it no matter what…
- After you read the above, and if you are still a vendor related to vulnerability management, please schedule a briefing with 1, 2 or all 3 of us; we can tell you what we want to hear later….
- If you are not a related vendor, but you have a fun story related to vulnerability assessment and/or vulnerability management, we are all ears. For example, do you have a lot of scanner “false positives”? Share with us!
Old posts related to vulnerability management:
- Does Vulnerability Assessment Even Matter?
- We Scan and We Patch, but We Don’t Do Vulnerability Management
- Our new Vulnerability Assessment Tools Comparison is out! (2017)
- Update to our Vulnerability Management Guidance Doc (2017)
- WannaCry or Useful Reminders of the Realities of Vulnerability Management