oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Open Source Tool | vPrioritization | Risk Prioritization Framework

From: "Perry E. Metzger" <perry () piermont com>
Date: Mon, 7 Sep 2020 16:51:01 -0400
On Sun, 6 Sep 2020 13:18:34 +0530 Pramod Rana <varchashva () gmail com>
wrote:

Appreciate your comments.

My two cents - Patch everything is far from reality to most (read
all) organizations


"All" is clearly false; I know many organizations that patch
all their hardware fast, and a few that do it essentially within
hours (unless CI tests for the patched infra fail). I don't have good
statistics, but the existence of some organizations of significant
size capable of patching everything leads me to believe the obstacle
isn't whether it's possible.

Perry
-- 
Perry E. Metzger                perry () piermont com
Previous By Date Next
Previous By Thread Next

Current thread: