Last month marks 25 years of operation for the CVE (Common Vulnerabilities and Exposures) program, launched in September 1999. It’s difficult to imagine a world without CVEs. Much of the “vulnerability management” activities, before the CVE program became popular, relied on matching version numbers from remote scans and executing shady exploits found in dark places on the Internet to validate findings. We’ve come a long way when it comes to vulnerability tracking ….

The post Vulnerability Prioritization & the Magic 8 Ball appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.

*** This is a Security Bloggers Network syndicated blog from Eclypsium | Supply Chain Security for the Modern Enterprise authored by Chris Garland. Read the original post at: https://eclypsium.com/news/vulnerability-prioritization-the-magic-8-ball/