Gartner Blog Network

Category: 'vulnerability-management' Blog Posts

from the Gartner Blog Network

Update to our Vulnerability Management Guidance Doc

by Augusto Barros  |  June 22, 2017

Our updated Vulnerability Management Guidance document has just been published. It is a refinement to the guidance framework we created a couple of years ago. The focus on this one...

Read more »

WannaCry or Useful Reminders of the Realities of Vulnerability Management

by Anton Chuvakin  |  May 18, 2017

WannaCry whatever. Not that I am keyword trawling, but this recent Windows XP/NSA/North Korea/ransomware/bitcoin/OMG drama made me think about good old vulnerability management again – especially given that it is...

Read more »

Comments: 3

Paper on Pentesting and Red Teams is OUT!

by Augusto Barros  |  April 18, 2017

As anticipated here, my short paper on pentesting and red teams is finally out. It was a fun paper to write as it follows a new model for us, GTP...

Read more »

So You Want To Build A SOC?

by Augusto Barros  |  October 17, 2016

Now you can! But should you do it? As anticipated here and here, our new paper about how to plan, design, operate and evolve a Security Operations Center is out! This...

Read more »

Comments: 3

Notes From My First Security Summit

by Augusto Barros  |  July 5, 2016

I've finally found some time to collect my notes and impressions from my first Gartner Security and Risk Management Summit, back in June. I delivered one full session on Vulnerability...

Read more »

Comments: 2

Is It Really Failing That Bad?

by Augusto Barros  |  December 8, 2015

One of Gartner's 2016 predicts documents includes a very interesting finding about vulnerabilities being exploited:  Existing vulnerabilities remain prevalent throughout the threat landscape, as 99.99% of exploits are based on...

Read more »

Comments: 1

Our Vulnerability Assessment Vulnerability Management Research Publishes

by Anton Chuvakin  |  November 24, 2015

It is with much excitement that I announce that our (Augusto’s and mine) batch of three VA/VM papers have published. The documents are linked below (Gartner GTP access required): A...

Read more »

It's Here! Our New VM And VA Papers Have Been Published

by Augusto Barros  |  November 17, 2015

I'm very happy to announce that my first research papers have just been published on Gartner.com! These documents are the result of the work Anton and I did on Vulnerability...

Read more »

Comments: 1

Vulnerability Management #1 Problem - After All These Years!

by Anton Chuvakin  |  October 13, 2015

It is 2015 – so how come we don’t know which system vulnerabilities to fix first?! Depending on how one counts, the first vulnerability assessment (VA) tools (aka “vulnerability scanners”)...

Read more »

Comments: 2

Vulnerability Management: Have We Reached a Best Practices Plateau?

by Augusto Barros  |  September 30, 2015

During our work to refresh existing Vulnerability Management and Vulnerability Assessment research papers (here and here - GTP access required) we (Anton Chuvakin and I) talked with vendors on the...

Read more »

Comments: 5