Litcius/Paper detail

Automatic CVSS-based Vulnerability Prioritization and Response with Context Information

Michał Walkowski, Maciej Krakowiak, Marcin Jaroszewski, Jacek Oko, S. Sujecki

202117 citationsDOI

Abstract

Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.

Topics & Concepts

Vulnerability (computing)Vulnerability managementComputer sciencePrioritizationContext (archaeology)Vulnerability assessmentProcess (computing)Risk analysis (engineering)Computer securityInformation securityCritical infrastructureProcess managementBusinessPsychologyOperating systemPaleontologyPsychotherapistBiologyPsychological resilienceInformation and Cyber SecurityNetwork Security and Intrusion DetectionWeb Application Security Vulnerabilities