all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Vulnerability Management : Doubts in SLA

Add to bookmarks
May 28, 2023, 10:19 a.m. | /u/s4ngii

cybersecurity www.reddit.com

How much does your organisation take to fix a critical vulnerability in an operating system package. For example cases like a Privilege escalation vulnerability, it requires initial compromise using some other vulnerability like an RCE in the app layer. Assume you have enough protections in the app layer, how long would you take to fix the vulnerability ?

Would you still comply the SLA or this will be exempted as there's no direct exploitability ?

[View Poll](https://www.reddit.com/poll/13twx96)

app cases compromise critical critical vulnerability cybersecurity escalation fix management operating system organisation package privilege privilege escalation rce sla system vulnerability vulnerability management

Visit resource

More from www.reddit.com / cybersecurity

Update on previous post “best security practices in gaming development” 4 hours ago | www.reddit.com
can ciso cybersecurity engine +10
Should I be learning Cybersecurity on my primary machine? 13 hours ago | www.reddit.com
accounting auditor cybersecurity free +7
QSA Says we Can't Provide Public WiFi 15 hours ago | www.reddit.com
campus can cybersecurity event +13
Chinese Government Poses 'Bold and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says | … 15 hours ago | www.reddit.com
bureau chinese chinese government critical +10
What is best practice to prevent man in the middle compromising emails? 17 hours ago | www.reddit.com
attack best practice caught cybersecurity +13
High School English Teacher to Cybersecurity Engineer - A How-to Guide 18 hours ago | www.reddit.com
cybersecurity engineer guide high +16
Just me, or is every vendor's website awful. WHAT DO YOU ACTUALLY DO? 19 hours ago | www.reddit.com
article customers cybersecurity edr +17
We have Crowdstrike for our EDR. Can we use it as our primary SIEM? 20 hours ago | www.reddit.com
can cons cost crowdstrike +13
Web API Security Champion: Broken Object Level Authorization (OWASP TOP 10) 20 hours ago | www.reddit.com
api api security authorization broken object level authorization +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Information Security Manager & ISSO

@ Federal Reserve System | Minneapolis, MN
View on infosec-jobs.com

Forensic Lead

@ Arete | Hyderabad
View on infosec-jobs.com

Lead Security Risk Analyst (GRC)

@ Justworks, Inc. | New York City
View on infosec-jobs.com

Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com
View more jobs