Beyond Subjectivity: Sharpening CVSS with Asset Context - Clayton Fields, Michael Assraf - ESW #208 Security Weekly Podcast Network (Video)
-
- Technology
Vulnerability prioritization has traditionally relied on CVSS scores and other subjective measurements (e.g. asset tagging) that don't factor in internal context. A new approach integrates asset context and application activity to derive rich, internal data.
This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw208
Vulnerability prioritization has traditionally relied on CVSS scores and other subjective measurements (e.g. asset tagging) that don't factor in internal context. A new approach integrates asset context and application activity to derive rich, internal data.
This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw208
33 min