Addressing Internet security vulnerabilities - A benchmarking study |
The exploitation of vulnerabilities in operating systems and applications has become a frequent and increasing problem in IT environments. This paper assesses the extent of the problem by examining the scale of vulnerability reports issued by a number of popular advisory sources. It then proceeds to determine the workload implications that this introduces from system administrators, benchmarking the number of vulnerabilities that would need to be addressed and patched within a reference environment over a 12-month period. It is concluded that further advances are required in order to facilitate more targeted vulnerability notification, and where possible, the automated rectification of the problems themselves.
Alayed A, Furnell SM, Barlow I