The UK’s National Cyber Security Centre (NCSC) recently published vulnerability management guidance with some forward-leaning recommendations that are worth noting. They open the guidance by pointing out that vulnerabilities take many different forms. These include inherent characteristics of the software itself (e.g. flaws and defects) as well as configuration issues that may present an opportunity for exploitation by malicious actors. Additionally, some vulnerabilities may be known to the vendor, while others aren’t and have no mitigations available (e.g. zero days).