Risk-based patch management for vulnerabilities
Cybercriminals don't wait for companies to patch a vulnerability. The attack usually succeeds quickly and is then expected. Risk-based patch management is recommended so that the time factor loses some of its weight. From the moment a vulnerability is published, it takes an average of just 22 days to develop a working exploit. On the company side, however, it takes between 100 and 120 days on average until an available patch is implemented. One reason for this discrepancy is certainly that companies have long been powerless against the sheer number of new vulnerabilities. Vulnerabilities: In 22 days…