It's Time to Align Your Vulnerability Management Priorities with the Biggest

Provided by Skybox

Category Malware

Type White Paper

Length 22

Publish Date September 09 2016

Date posted May 30 2017


Take the Threat-Centric Approach to Vulnerability Prioritization

IT security leaders should refocus their attention on how vulnerabilities are being managed and should track this metric to provide visibility as to how to reduce the biggest risks of being breached.

Download the report to see Gartner analysis and recommendations to overcoming key challenges of vulnerability management including:

  • The exploitation of known, but unmitigated, vulnerabilities is the primary method of compromise for most threats. Meanwhile, "zero days" are only approximately 0.4% of vulnerabilities during the past decade, but their risk to most companies is out of balance with the attention they get. 
  • Breach report data and Gartner research highlight that only a small number of vulnerabilities go on to be exploited in real-world attacks.
  • Traditional vulnerability severity rating schemes — such as First's Common Vulnerability Scoring System score or the classical "critical, high, medium and low" rankings — can provide base measures of the criticality and impact of vulnerabilities; however, they don't take into account what then is actually exploited "in the wild."

Recommended for You


Programming languages to avoid learning in 2018

Dan Swinhoe casts a critical eye on the future


A c-suite guide to blockchain 2018

Kathryn Cave looks at the big trends in global tech

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?