Increased software complexity and regulatory scrutiny put a tremendous strain on companies of all sizes. With breaches and exposures in every industry continuing to rise, there is an understandable focus on reducing and eliminating breaches. However, there are several considerations on this topic, including the increased complexity of software and dependence on technology, the staggering volume and choice of software, and decisions between proprietary and open-source software.
Given that there is a cost to both producing and applying fixes, taking this risk-based approach of fixing only critical, important/high and known exploited vulnerabilities can immediately halve that cost. The question then becomes: How do we use those savings to our advantage? Software consumers could use those resources to ensure configurations are correct and hardened, invest in automation to reduce manual labor and human error, and deploy monitoring and detection software to find and prevent exposures and breaches early. These investments serve the same ultimate goal of reducing the risk of a breach but in potentially more effective ways.
Unfortunately, that message is being lost in the noise of 2,400 security issues being disclosed, on average, every month. And if you look at 2024 to date, there have been over
It’s time to rethink the risk inherent in software vulnerabilities—yes, inherent risk absolutely exists, and those risky vulnerabilities must be patched quickly. Yet not every vulnerability exposes end users to risk. Software doesn’t pose a risk just because it’s there, and not all vulnerabilities pose the same risk.