Secret #5 of Vulnerability Scanning: You Can Actually Prioritize, Rather Than Just Analyze

Jan 20, 2015
Ed Bellis
Chief Technology Officer, Co-founder

Share with Your Network

This is the third post by Ed Bellis in a three-part series on Vulnerability Scanning. To view all five secrets and two common “gotchas” of vulnerability scanning, please click here.

Typically, security teams spend tons of time putting together Excel spreadsheets and swimming through countless rows of data. Doing so will get the job done, eventually…kind of. But the problem is, as soon as you manage to rise to the top of your current data ocean, another wave will hit you. That is to say… by automating the detection you end up creating an ever growing mountain of findings that require more than manual effort to plow through. You can’t prioritize what to fix if you can’t even keep up with the inbound volume of data regarding potential threats, breaches and attacks.

What you need is a way to immediately prioritize the data in front of you. This is a case where tools—rather than elbow grease—may be of help. Platforms exist that can sit on top of your scan data and help you identify weaknesses in your infrastructure in the context of real-time threat data (i.e. what’s actually occurring in the world right now, and which may affect you).

This kind of platform solution—a GPS for your scan data—can be an immense time savings, and help guide your efforts in a much more efficient way than simply sorting by CVSS scores, each and every day.

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.