Sales Director at a tech services company with 11-50 employees
User
2021-08-21T07:00:03Z
Aug 21, 2021
Vulnerabiity Assement is a useful process but it's still a snap-shot of your security posture.
Risk-based Vulnerabiity Management is a dynamic, ongoing process as part of your cyber protection strategy, integrating with your installed systems, monitoring progress and taking your assets criticality into consideration.
Search for a product comparison in Vulnerability Management
Technology Advisor- CyberSecurity & Digital Transformation at Enterprise Visions
User
2020-06-04T15:15:37Z
Jun 4, 2020
As soon as a vulnerability assessment is complete, it is obsolete. Your environment changes daily/weekly/monthly. Assessments are "a point in time". Vulnerability Management is continuous, and seems to me to be the better strategy.
A risk-based approach is more effective but we need to go beyond just risk-based vulnerability assessment. We need to take into account the impact on our business and brand reputation of data being compromised, we need to take into account whether we are getting better or worse at securing our data and we need to be clear that we need continuous monitoring to maintain our security posture. We also want to see our risk score in an easily understandable way
I think risk-based vulnerability managemente it´s the way to go since you only try to solve those vulnerabilities that represent a real risk intead of just using the CVSS score. For example when you use a risk-based approach you take into account the level of importance (based on business) of the system you are trying to protect.
Director at a tech services company with 1-10 employees
Reseller
2020-06-04T08:31:37Z
Jun 4, 2020
YOU are right that earlier vulnerability assessment was very basic and done as reactive manner, after that proactive manner was introduce where it use to compare with best practice and industry threats. But now in this world of ZERO day attack we really need very Advance and RIsk base vulnerability assessment solution. And as per me this tool need to be base on AI and ML. It means Tool should contain power of Analytics & AI, Real Time Risk Monitoring, Report, Verify & Action.
Vulnerability Management (VM) is a critical cybersecurity process focused on identifying, evaluating, and mitigating vulnerabilities in IT systems. It helps organizations protect their networks and assets by proactively managing security weaknesses before they can be exploited by threats.
Vulnerabiity Assement is a useful process but it's still a snap-shot of your security posture.
Risk-based Vulnerabiity Management is a dynamic, ongoing process as part of your cyber protection strategy, integrating with your installed systems, monitoring progress and taking your assets criticality into consideration.
As soon as a vulnerability assessment is complete, it is obsolete. Your environment changes daily/weekly/monthly. Assessments are "a point in time". Vulnerability Management is continuous, and seems to me to be the better strategy.
A risk-based approach is more effective but we need to go beyond just risk-based vulnerability assessment. We need to take into account the impact on our business and brand reputation of data being compromised, we need to take into account whether we are getting better or worse at securing our data and we need to be clear that we need continuous monitoring to maintain our security posture. We also want to see our risk score in an easily understandable way
I think risk-based vulnerability managemente it´s the way to go since you only try to solve those vulnerabilities that represent a real risk intead of just using the CVSS score. For example when you use a risk-based approach you take into account the level of importance (based on business) of the system you are trying to protect.
YOU are right that earlier vulnerability assessment was very basic and done as reactive manner, after that proactive manner was introduce where it use to compare with best practice and industry threats. But now in this world of ZERO day attack we really need very Advance and RIsk base vulnerability assessment solution. And as per me this tool need to be base on AI and ML. It means Tool should contain power of Analytics & AI, Real Time Risk Monitoring, Report, Verify & Action.