Gartner Blog Network


Upcoming Vulnerability Management Research

by Anton Chuvakin  |  May 2, 2019  |  2 Comments

Given the long lead times for Vendor Briefings, here is our pre-announcement. Short summary: vulnerability management research is coming! Again!

Our AAA all-star team (that is Augusto, Anna and me) are going to refresh some of our vulnerability management documents and write one new document.

Here is what we have in mind for 2019:

  1. “A Guidance Framework for Developing and Implementing Vulnerability Management”, our epic treatise on how to VM, is going to be refreshed and perhaps a bit shortened (now at 39 pages). Sadly, we will have to throw in more stuff on remediation and patching since people keep asking about it.
  2. “A Comparison of Vulnerability and Security Configuration Assessment Solutions” will be recast into a new document type (Gartner GTP Solution Comparison) and of course refreshed. Yes, people still call us with questions about vulnerability scanner choice…
  3. A new document focused on vulnerability management in modern IT such as DevOps, containers, public cloud and such (scope is still being beaten down, it is still fuzzy…).

So:

CALL TO ACTION:

  • If you are a vendor, READ THIS before scheduling a briefing! in fact, just read it no matter what….
  • After you read the above, and if you are still a vendor related to vulnerability management, please schedule a briefing with 1, 2 or all 3 of us; we can tell you what we want to hear later….
  • If you are not a related vendor, but you have a fun story related to vulnerability assessment and/or vulnerability management, we are all ears. For example, do you have a lot of scanner “false positives”? Share with us!

Old posts related to vulnerability management:

Category: patching  security  vulnerability-management  

Anton Chuvakin
Research VP and Distinguished Analyst
8 years with Gartner
19 years IT industry

Anton Chuvakin is a Research VP and Distinguished Analyst at Gartner's GTP Security and Risk Management group. Before Mr. Chuvakin joined Gartner, his job responsibilities included security product management, evangelist… Read Full Bio


Thoughts on Upcoming Vulnerability Management Research


  1. […] to defend acceptance of unaddressed findings.” [this is literally the entire art and science of vulnerability management in one pithy line. Kudos to […]

  2. […] we mentioned here, the team (primarily Augusto and Anna, really) have started a project related to vulnerability […]



Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.