On Wednesday, July 26, Rezilion, an automated software supply chain security platform, will release its new report, “CVSS, EPSS, KEV: The New Acronyms – And The Intelligence – You Need For Effective Vulnerability Management,” detailing the critical importance of the Exploitability Probability Prediction Score (EPSS) for enhancing patch prioritization and effective vulnerability management.
Rezilion’s vulnerability experts disclosed that three vulnerabilities are currently being actively exploited and have a high EPSS score. The report's findings show that vulnerabilities with a high EPSS score are more likely to be exploited than those with low EPSS scores, which indicates that using only the Common Vulnerability Scoring System (CVSS) to prioritize patching is not the most effective approach.
Key takeaways from the report include:
- The conventional method of prioritizing vulnerabilities often falls short. A holistic approach, including CVSS, CISA’s KEV, and EPSS, offers the best defense.
- The KEV catalog alone is insufficient due to the delay in adding newly discovered vulnerabilities.
- Vulnerabilities with a high EPSS score are more likely to be exploited, emphasizing the importance of this information in prioritization.
You can read the report here.
This entry was posted on July 26, 2023 at 9:01 am and is filed under Commentary with tags Rezilion.
Rezilion Reveals Overlooked High-Risk Vulnerabilities in CISA KEV Catalog, Raising Questions about Patching Prioritization Standards