CPE Data and False Positives in Vulnerability Management
The problem of false positives in vulnerability management can largely be attributed to the use of CPE (Common Platform Enumeration) data in the correlation process, a critical first step in vulnerability management.
A Faster Horse
Today, those in vulnerability management often create development environments (aka sandboxes) to test whether or not new patches will cause disruptions on their networks…just like they’ve been doing for 3 decades. Which leads to only one conclusion: ARPA-H is funding an effort to build a faster horse.
Why Existing Vulnerability Management Solutions Aren’t Working
The vulnerability management market answers every question a practitioner or cybersecurity professional could want answered…except the only one that matters: will this patch break my shit.
If it Ain’t Breaking Stuff, Fix It
Tell us when patches are disruptive? Sure. But more importantly, let us know when they’re not, information that’s potentially much more actionable.
