all InfoSec news
An Analysis of How Many Undiscovered Vulnerabilities Remain in Information Systems. (arXiv:2304.09259v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Vulnerability management strategy, from both organizational and public policy
perspectives, hinges on an understanding of the supply of undiscovered
vulnerabilities. If the number of undiscovered vulnerabilities is small enough,
then a reasonable investment strategy would be to focus on finding and removing
the remaining undiscovered vulnerabilities. If the number of undiscovered
vulnerabilities is and will continue to be large, then a better investment
strategy would be to focus on quick patch dissemination and engineering
resilient systems. This paper examines a …
analysis continue engineering focus information investment large management paradigm patch perspectives policy public public policy strategy supply systems understanding vulnerabilities vulnerability vulnerability management