vulnerability management on Ben Sapiro's Draft Thoughts https://thoughts.sapiro.net/categories/vulnerability-management/ Recent content in vulnerability management on Ben Sapiro's Draft Thoughts Hugo -- gohugo.io en Mon, 27 Dec 2021 00:00:00 +0000 Heuristics and information asymmetry https://thoughts.sapiro.net/post/heuristics_and_information_asymmetry/ Mon, 27 Dec 2021 00:00:00 +0000 https://thoughts.sapiro.net/post/heuristics_and_information_asymmetry/ <p>How fast should you fix a security flaw? The intuition is as fast as possible. We don&rsquo;t know when the vulnerability will be exploited and it may never be exploited. We set heuristic rules for how fast vulnerabilities of certain severities should be fixed; are those rules right?</p>