Publication detail

Manager asks: Which vulnerability must be eliminated first?

SAFONOV, Y. MARTINÁSEK, Z. MALINA, L. PECL, D. KAČIC, M. ALMER, L.

Original Title

Manager asks: Which vulnerability must be eliminated first?

English Title

Manager asks: Which vulnerability must be eliminated first?

Type

conference paper

Language

en

Original Abstract

Nowadays, the number of discovered vulnerabilities increases rapidly. In 2018, the 17, 308 vulnerabilities were discovered and during the 2019 even more, so up to 20, 362. The serious problem is that a substantial part of them is rated as critical or at least labeled as as high according the CVSS (Common Vulnerability Scoring System). This fact causes a problem, the designers and/or developers do not know which vulnerability should be eliminated at the first place. Time for removal of the vulnerability is crucial from the practical point of cyber security. The main contribution of the article is a proposal of a new method that is used for prioritizing vulnerabilities. The aim of the proposed method is to eliminate the disadvantages of approaches commonly used today. Our method improves the prioritization of vulnerabilities utilizing the parameters: the possibility of exploitation, availability of information about them and knowledge obtained by Threat Intelligence. These three parameters are highly important, especially for newly discovered vulnerabilities, where a priority can differ from day to day. We evaluate the functionality of the proposed method utilizing the production environment of a medium-sized company and we copare results with CVSS method (30 servers, 200 end-stations).

English abstract

Nowadays, the number of discovered vulnerabilities increases rapidly. In 2018, the 17, 308 vulnerabilities were discovered and during the 2019 even more, so up to 20, 362. The serious problem is that a substantial part of them is rated as critical or at least labeled as as high according the CVSS (Common Vulnerability Scoring System). This fact causes a problem, the designers and/or developers do not know which vulnerability should be eliminated at the first place. Time for removal of the vulnerability is crucial from the practical point of cyber security. The main contribution of the article is a proposal of a new method that is used for prioritizing vulnerabilities. The aim of the proposed method is to eliminate the disadvantages of approaches commonly used today. Our method improves the prioritization of vulnerabilities utilizing the parameters: the possibility of exploitation, availability of information about them and knowledge obtained by Threat Intelligence. These three parameters are highly important, especially for newly discovered vulnerabilities, where a priority can differ from day to day. We evaluate the functionality of the proposed method utilizing the production environment of a medium-sized company and we copare results with CVSS method (30 servers, 200 end-stations).

Keywords

CVSS; priority; security; vulnerability assessment

Released

04.02.2021

Publisher

Springer

ISBN

978-3-030-69254-4

Book

Innovative Security Solutions for Information Technology and Communications

Pages from

1

Pages to

18

Pages count

18

Documents

BibTex


@inproceedings{BUT167693,
  author="David {Pecl} and Yehor {Safonov} and Zdeněk {Martinásek} and Matej {Kačic} and Lubomír {Almer} and Lukáš {Malina}",
  title="Manager asks: Which vulnerability must be eliminated first?",
  annote="Nowadays, the number of discovered vulnerabilities increases rapidly. In 2018, the 17, 308 vulnerabilities were discovered and during the 2019 even more, so up to 20, 362. The serious problem is that a substantial part of them is rated as critical or at least labeled as as high
according the CVSS (Common Vulnerability Scoring System). This fact causes a problem, the designers and/or developers do not know which vulnerability should be eliminated at the first place. Time for removal of the vulnerability is crucial from the practical point of cyber security. The main contribution of the article is a proposal of a new method that is used for prioritizing vulnerabilities. The aim of the proposed method is to eliminate the disadvantages of approaches commonly used today. Our method improves the prioritization of vulnerabilities utilizing the parameters: the possibility of exploitation, availability of information about them and knowledge obtained by Threat Intelligence. These three parameters are highly important, especially for newly discovered vulnerabilities, where a priority can differ from day to day. We evaluate the functionality of the proposed method utilizing the production environment of a medium-sized company and we copare results with CVSS method (30 servers, 200 end-stations).",
  address="Springer",
  booktitle="Innovative Security Solutions for Information Technology and Communications",
  chapter="167693",
  doi="10.1007/978-3-030-69255-1_10",
  howpublished="online",
  institution="Springer",
  year="2021",
  month="february",
  pages="1--18",
  publisher="Springer",
  type="conference paper"
}