all InfoSec news
Software Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats. (arXiv:2205.07759v2 [cs.CR] UPDATED)
cs.CR updates on arXiv.org arxiv.org
Software updates reduce the opportunity for exploitation. However, since
updates can also introduce breaking changes, enterprises face the problem of
balancing the need to secure software with updates with the need to support
operations. We propose a methodology to quantitatively investigate the
effectiveness of software updates strategies against attacks of Advanced
Persistent Threats (APTs). We consider strategies where the vendor updates are
the only limiting factors to cases in which enterprises delay updates from 1 to
7 months based on …
advanced advanced persistent threats persistent quantitative software threats updates