Discovering the factors at play in successful vulnerability management is an extremely complex endeavor.
The challenge lies in the sheer volume of interconnected factors at play: how should businesses measure success? what vulnerabilities should be prioritized? how quickly do patches need to be applied? how many vulnerabilities can be patched? does increasing budgets decrease risk?
We’ve come a long way towards answering the above questions in the first three volumes of our Prioritization to Prediction research series (links below) and now we’re looking at the practices of real enterprise vulnerability management programs to measure how they impact the success (or failure) on vulnerability remediation performance.
Prioritization to Prediction, Volume 4: Measuring What Matters in Remediation, combines qualitative survey data on enterprise vulnerability management practices with quantitative measures of actual remediation performance to reveal the business factors that contribute to high-performing vulnerability management programs.