Gartner Blog Network

Tag: 'vulnerability-management' Blog Posts

from the Gartner Blog Network

The New Vulnerability Management Guidance Framework

by Augusto Barros  |  October 25, 2019

After a huge delay I can finally announce that the new version of our Vulnerability Management Guidance Framework is out! Although it is a refresh of a document that has...

Read more »

Comments: 3

Considering Remediation Approaches For Vulnerability Prioritization

by Augusto Barros  |  May 2, 2019

As Anton said, we are starting our work on vulnerability management this year. One of the points I've started to look at more carefully is how much the different patching...

Read more »

The Virtual Patch Analyst

by Augusto Barros  |  March 7, 2018

Is there a need, or place for a "virtual patch analyst"? If you look at our guidance on vulnerability management, you’ll see that one of the key components we suggest...

Read more »

Update to our Vulnerability Management Guidance Doc

by Augusto Barros  |  June 22, 2017

Our updated Vulnerability Management Guidance document has just been published. It is a refinement to the guidance framework we created a couple of years ago. The focus on this one...

Read more »

Notes From My First Security Summit

by Augusto Barros  |  July 5, 2016

I've finally found some time to collect my notes and impressions from my first Gartner Security and Risk Management Summit, back in June. I delivered one full session on Vulnerability...

Read more »

Comments: 2

Is It Really Failing That Bad?

by Augusto Barros  |  December 8, 2015

One of Gartner's 2016 predicts documents includes a very interesting finding about vulnerabilities being exploited:  Existing vulnerabilities remain prevalent throughout the threat landscape, as 99.99% of exploits are based on...

Read more »

Comments: 1

It's Here! Our New VM And VA Papers Have Been Published

by Augusto Barros  |  November 17, 2015

I'm very happy to announce that my first research papers have just been published on! These documents are the result of the work Anton and I did on Vulnerability...

Read more »

Comments: 1

Vulnerability Management: Have We Reached a Best Practices Plateau?

by Augusto Barros  |  September 30, 2015

During our work to refresh existing Vulnerability Management and Vulnerability Assessment research papers (here and here - GTP access required) we (Anton Chuvakin and I) talked with vendors on the...

Read more »

Comments: 5

Air Gaps And Security Infrastructure

by Augusto Barros  |  September 8, 2015

I've been seeing many organizations with highly segregated ("air gapped") networks lately. An interesting effect of this design pattern is the need to replicate security infrastructure or to design those...

Read more »

Patch Management – NOT A Solved Problem!

by Anton Chuvakin  |  May 6, 2013

We again interrupt our regular programming (on network forensics and security data sharing this quarter) to delve into a subject much removed from the exciting world of APT fighting, “kill...

Read more »