Gartner Blog Network

Category: 'vulnerability-management' Blog Posts

from the Gartner Blog Network

WannaCry or Useful Reminders of the Realities of Vulnerability Management

by Anton Chuvakin  |  May 18, 2017

WannaCry whatever. Not that I am keyword trawling, but this recent Windows XP/NSA/North Korea/ransomware/bitcoin/OMG drama made me think about good old vulnerability management again – especially given that it is...

Read more »

Paper on Pentesting and Red Teams is OUT!

by Augusto Barros  |  April 18, 2017

As anticipated here, my short paper on pentesting and red teams is finally out. It was a fun paper to write as it follows a new model for us, GTP...

Read more »

So You Want To Build A SOC?

by Augusto Barros  |  October 17, 2016

Now you can! But should you do it? As anticipated here and here, our new paper about how to plan, design, operate and evolve a Security Operations Center is out! This...

Read more »

Notes From My First Security Summit

by Augusto Barros  |  July 5, 2016

I've finally found some time to collect my notes and impressions from my first Gartner Security and Risk Management Summit, back in June. I delivered one full session on Vulnerability...

Read more »

Is It Really Failing That Bad?

by Augusto Barros  |  December 8, 2015

One of Gartner's 2016 predicts documents includes a very interesting finding about vulnerabilities being exploited:  Existing vulnerabilities remain prevalent throughout the threat landscape, as 99.99% of exploits are based on...

Read more »

Our Vulnerability Assessment Vulnerability Management Research Publishes

by Anton Chuvakin  |  November 24, 2015

It is with much excitement that I announce that our (Augusto’s and mine) batch of three VA/VM papers have published. The documents are linked below (Gartner GTP access required): A...

Read more »

It's Here! Our New VM And VA Papers Have Been Published

by Augusto Barros  |  November 17, 2015

I'm very happy to announce that my first research papers have just been published on! These documents are the result of the work Anton and I did on Vulnerability...

Read more »

Vulnerability Management #1 Problem - After All These Years!

by Anton Chuvakin  |  October 13, 2015

It is 2015 – so how come we don’t know which system vulnerabilities to fix first?! Depending on how one counts, the first vulnerability assessment (VA) tools (aka “vulnerability scanners”)...

Read more »

Vulnerability Management: Have We Reached a Best Practices Plateau?

by Augusto Barros  |  September 30, 2015

During our work to refresh existing Vulnerability Management and Vulnerability Assessment research papers (here and here - GTP access required) we (Anton Chuvakin and I) talked with vendors on the...

Read more »

Revisiting Vulnerability Assessment and Vulnerability Management Research

by Anton Chuvakin  |  August 7, 2015

Together with our new team member, Augusto Barros (blog, Twitter), we have embarked on an update to Gartner GTP vulnerability assessment (VA) and vulnerability management (VM) research. Let me tell...

Read more »