That critical vulnerability might not be the first you should patch
2022-05-30 12:16

Enterprise security teams being overrun by the rising numbers of vulnerabilities uncovered each day could vastly reduce their patching workload by changing how they prioritize the flaws, according to recent research from vulnerability startup Rezilion.

Companies will start their remediation efforts with the vulnerabilities deemed "Critical" and work their way down, said Yotam Perkal, director of vulnerability research with Rezilion.

In a study released this week, Rezilion found that about 85 percent of the vulnerabilities are not loaded into memory at these organizations, Perkal told The Register.

"If traditional vulnerability management approaches were used, one would spend upward of 85 percent of patching time and efforts on vulnerabilities that posed no actual risk to the environment."

"Organizations have limited resources and limited capacity to deal with vulnerability management and patch management," Perkal said.

"If you have 1,000 vulnerabilities, focus on the 200 that are actually loaded to memory," Perkal said.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/30/rezilion-vulnerability-patching/