Most vulnerability management programs are built on a simple assumption: vulnerabilities are discovered, assigned a CVE, analyzed, prioritized and remediated. A new federal audit suggests that model is under increasing strain. The National Vulnerability Database (NVD) backlog isn’t just a government process issue; it’s evidence that vulnerability volume, software supply-chain complexity and shrinking exploitation timelines […] The post appeared first on <a href="

Read the original article