A decade ago, most enterprises could get away with addressing vulnerabilities in silos. One team would scan servers and desktop computers on the enterprise network, looking for misconfigurations in systems and vulnerabilities in commercial softwa
re-applications. When problems were discovered, they were thrown over the wall for system administrators and operations groups to fix. Application developers were responsible for policing internally developed web applications. Other specialists worried about the susceptibility of employees to social engineering attacks. Rarely was anyone responsible for analyzing how different types of vulnerabilities might interact to expose critical data and intellectual property.
Read the report to learn how vulnerability risk management has evolved with the four key pillars for successful VRM strategy