SANS Vulnerability Management Survey 2020

Vulnerability Identification Does Not Equal Vulnerability Management

Many organizations struggle with evolving their capabilities in identifying vulnerabilities to actually remediating those vulnerabilities. Fixing vulnerabilities is a challenge for many reasons including budget restraints, limited resources, a lack of coordinated efforts between multiple internal groups, and the continuously growing number of new vulnerabilities. 

To succeed with vulnerability management, a coordinated effort among security, IT, and the business operations groups is essential. Organizations must also identify, acknowledge, and track the barriers that are preventing timely remediation of vulnerabilities. 

In this survey, David Hazar, SANS analyst and instructor, looked at:

• Automated discovery techniques across a variety of asset types
• Maturity of remediation techniques across a variety of asset types
• Vulnerability prioritization techniques
• Remediation deadlines and timelines
• Roles and responsibilities for vulnerability management tasks

Get the full report to enable your organization to effectively and efficiently remediate vulnerabilities.