Security leaders depend on vulnerability data to guide decisions, but the system supplying that data is struggling. An analysis from Sonatype shows that core vulnerability indexes no longer deliver the consistency or speed needed for the current software environment. A system that no longer keeps pace The CVE program still serves as the industry’s naming backbone, and the NVD remains a primary source for severity ratings. These tools were built for an era of slower … More
The post What happens when vulnerability scores fall apart? appeared first on Help Net Security.
