The Four Laws of Vulnerability:Prevalence & Persistence

In the original videocast, Wolfgang Kandek, CTO of Qualys gave an overview of the Four Laws of Vulnerability 2.0. These laws of vulnerability were based on scans from 80 million IP addresses.

In this videocast, Wolfgang, focuses on the last two laws of Vulnerability, prevalence and persistence and why they exist within organisations.

Prevalence means that at any one moment in time a company has a specific number of vulnerabilities. Sixty percent of the most prevalent and critical vulnerabilities are being replaced by new vulnerabilities on an annual basis.

Persistence: The lifespan of most, if not all vulnerabilities is unlimited and a large percentage of vulnerabilities are never fully fixed - ie these vulnerabilities are never fully eradicated.

For the other three videocasts in this series see:-
An overview of the Four Laws of Vulnerability http://tinyurl.com/rauwsd
The 1st and 2nd Laws of Vulnerability Part 1
http://tinyurl.com/rbz7pk
The 1st and 2nd Laws of Vulnerability Part 2
http://tinyurl.com/ochljf

Thank you for listening to this videocast. Please do leave comments and ratings to let us know if you would like more of the same.

warmest wishes

Ben Chai
Chief Editor
http://www.securityvibes.com/uk

Category:

People & Blogs

Tags:

• Wolfgang Kandek
• CTO
• Qualys
• security
• IP
• vulnerability
• patches
• prevalence
• half
• life
• persistence
• exploitation
• flaws
• security vibes uk
• ben chai
• weaponise
• conficker
• detection
• zero day
• patch strategy
• patch

License:

Standard YouTube License