At the recent Gartner Security and Risk Summit, one of the presenters recommended using an exploit framework to prioritize vulnerabilities. The idea is to use the exploits to automatically verify vulnerabilities as part of the vulnerability management process. Simple in theory, bad in practice.
↧