Knowledge is Power

Solution Briefs

The Assets at Risk Challenge (for Government)

Scan tools, static code analyses and pen tests produce long lists of vulnerabilities and configuration issues, that include a severity rating, but nothing reflecting the potential fiscal and mission impact of the exposed applications. Which vulnerabilities, if exploited, will create the greatest impact to my agency’s mission? Which vulnerability do I patch first? Who is the person responsible for approving the patch?