Vulnerability Exploitability eXchange (VEX) – A Guide
VEX is a machine-readable artifact that contains product and vulnerability details. It can also be considered as a form of a security advisory that provides context to whether a component present in a product or products is affected by one or many vulnerabilities. It can easily integrate with existing tools and can be shared for use.
Vulnerability Patching: A Resource Guide
Vulnerability patching is the short-term implementation of patches, which are pieces of code added to existing software to improve functionality or to remove vulnerabilities that have been...
Attack Surface Management: Everything You Need to Know
Attack Surface Management (ASM) is the ongoing discovery, inventory, classification, prioritization, and security monitoring of an organization’s IT infrastructure. The attack surface is all of the entry...
Software Bill Of Materials: What is an SBOM and How Do I Use It?
Just like you’d find all the ingredients on a package of food, a Software Bill of Materials is a list of all the components contained in a software product. Vendors typically create these bills to describe...
Vulnerability Management: A Guide
Vulnerability management is the ongoing practice of continually identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities or weaknesses in operating systems, enterprise...