Skip to content
07.01.2019 by Michael Roytman

The Complexity of Prioritising Patching

Abstract

As American journalist and essayist HL Mencken once wrote: “For every complex problem there is a solution that is concise, clear, simple, and wrong.” Anyone working in or around vulnerability remediation knows the apparently ‘simple’ task of applying a patch is anything but. The vulnerability lifecycle is filled with pitfalls and deceptively complex tasks.Anyone working in or around vulnerability remediation knows that the apparently ‘simple’ task of applying a patch is anything but. The vulnerability lifecycle is filled with pitfalls.The time and effort needed to remediate any single vulnerability across an entire enterpriseLink to https://www.sciencedirect.com/topics/social-sciences/company are often underestimated. This creates an obvious and urgent demand for prioritisation, which requires we understand more about the world of vulnerabilities. Michael Roytman of Kenna Security and Jay Jacobs at the Cyentia Institute explore what the open vulnerability landscape looks like and investigate multiple factors contributing to the remediation efforts. Read research paperLink to https://www.sciencedirect.com/science/article/abs/pii/S1353485819300820

Other Research

Calibration plot for EPSS v4Link to /research/probability-and-prediction
03.06.2025
Probability and PredictionProbability and PredictionRead MoreRead More
AI In Cybersecurity: Looking Beyond The SOCLink to /research/looking-beyond-the-soc
03.03.2025
Ai In Cybersecurity: Looking Beyond the SocAi In Cybersecurity: Looking Beyond the SocRead MoreRead More