Loading…

Automatic CVSS-based Vulnerability Prioritization and Response with Context Information

Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an i...

Full description

Saved in:
Bibliographic Details
Main Authors: Walkowski, Michal, Krakowiak, Maciej, Jaroszewski, Marcin, Oko, Jacek, Sujecki, Slawomir
Format: Conference Proceeding
Language:English
Subjects:
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 6
container_issue
container_start_page 1
container_title
container_volume
creator Walkowski, Michal
Krakowiak, Maciej
Jaroszewski, Marcin
Oko, Jacek
Sujecki, Slawomir
description Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.
doi_str_mv 10.23919/SoftCOM52868.2021.9559094
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_9559094</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9559094</ieee_id><sourcerecordid>9559094</sourcerecordid><originalsourceid>FETCH-ieee_primary_95590943</originalsourceid><addsrcrecordid>eNp9jsFKAzEUAKMgWHS_wEvwvutLsrF5R1kUPYjiSvVWUvsWn-wmJUnR-vWK9OxpDjOHEeJcQaMNKrzo41C6h3ur3aVrNGjVoLUI2B6ICucOrdEIClAfiply7bw21r0eiyrnDwAwGkyLOBMvV9sSJ1_4TXaLvq9XPtNaLrZjoORXPHLZycfEMXHh798sBunDWj5R3sSQSX5yeZddDIW-irwLQ0zTX3UqjgY_Zqr2PBFnN9fP3W3NRLTcJJ582i33y-Z_-wPrrkdb</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</title><source>IEEE Xplore All Conference Series</source><creator>Walkowski, Michal ; Krakowiak, Maciej ; Jaroszewski, Marcin ; Oko, Jacek ; Sujecki, Slawomir</creator><creatorcontrib>Walkowski, Michal ; Krakowiak, Maciej ; Jaroszewski, Marcin ; Oko, Jacek ; Sujecki, Slawomir</creatorcontrib><description>Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.</description><identifier>EISSN: 1847-358X</identifier><identifier>EISBN: 9789532901092</identifier><identifier>EISBN: 9532901094</identifier><identifier>DOI: 10.23919/SoftCOM52868.2021.9559094</identifier><language>eng</language><publisher>University of Split, FESB</publisher><subject>Business ; Common Vulnerability Scoring System ; Companies ; Computer crime ; Computer networks ; Cybersecurity ; Measurement ; Quality of Service ; Risk-Based Vulnerability Man-agement ; Software ; Telecommunications</subject><ispartof>2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), 2021, p.1-6</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9559094$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,27925,54555,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9559094$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Walkowski, Michal</creatorcontrib><creatorcontrib>Krakowiak, Maciej</creatorcontrib><creatorcontrib>Jaroszewski, Marcin</creatorcontrib><creatorcontrib>Oko, Jacek</creatorcontrib><creatorcontrib>Sujecki, Slawomir</creatorcontrib><title>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</title><title>2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM)</title><addtitle>SoftCOM</addtitle><description>Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.</description><subject>Business</subject><subject>Common Vulnerability Scoring System</subject><subject>Companies</subject><subject>Computer crime</subject><subject>Computer networks</subject><subject>Cybersecurity</subject><subject>Measurement</subject><subject>Quality of Service</subject><subject>Risk-Based Vulnerability Man-agement</subject><subject>Software</subject><subject>Telecommunications</subject><issn>1847-358X</issn><isbn>9789532901092</isbn><isbn>9532901094</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2021</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNp9jsFKAzEUAKMgWHS_wEvwvutLsrF5R1kUPYjiSvVWUvsWn-wmJUnR-vWK9OxpDjOHEeJcQaMNKrzo41C6h3ur3aVrNGjVoLUI2B6ICucOrdEIClAfiply7bw21r0eiyrnDwAwGkyLOBMvV9sSJ1_4TXaLvq9XPtNaLrZjoORXPHLZycfEMXHh798sBunDWj5R3sSQSX5yeZddDIW-irwLQ0zTX3UqjgY_Zqr2PBFnN9fP3W3NRLTcJJ582i33y-Z_-wPrrkdb</recordid><startdate>20210923</startdate><enddate>20210923</enddate><creator>Walkowski, Michal</creator><creator>Krakowiak, Maciej</creator><creator>Jaroszewski, Marcin</creator><creator>Oko, Jacek</creator><creator>Sujecki, Slawomir</creator><general>University of Split, FESB</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>20210923</creationdate><title>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</title><author>Walkowski, Michal ; Krakowiak, Maciej ; Jaroszewski, Marcin ; Oko, Jacek ; Sujecki, Slawomir</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-ieee_primary_95590943</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Business</topic><topic>Common Vulnerability Scoring System</topic><topic>Companies</topic><topic>Computer crime</topic><topic>Computer networks</topic><topic>Cybersecurity</topic><topic>Measurement</topic><topic>Quality of Service</topic><topic>Risk-Based Vulnerability Man-agement</topic><topic>Software</topic><topic>Telecommunications</topic><toplevel>online_resources</toplevel><creatorcontrib>Walkowski, Michal</creatorcontrib><creatorcontrib>Krakowiak, Maciej</creatorcontrib><creatorcontrib>Jaroszewski, Marcin</creatorcontrib><creatorcontrib>Oko, Jacek</creatorcontrib><creatorcontrib>Sujecki, Slawomir</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore (Online service)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Walkowski, Michal</au><au>Krakowiak, Maciej</au><au>Jaroszewski, Marcin</au><au>Oko, Jacek</au><au>Sujecki, Slawomir</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</atitle><btitle>2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM)</btitle><stitle>SoftCOM</stitle><date>2021-09-23</date><risdate>2021</risdate><spage>1</spage><epage>6</epage><pages>1-6</pages><eissn>1847-358X</eissn><eisbn>9789532901092</eisbn><eisbn>9532901094</eisbn><abstract>Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.</abstract><pub>University of Split, FESB</pub><doi>10.23919/SoftCOM52868.2021.9559094</doi></addata></record>
fulltext fulltext_linktorsrc
identifier EISSN: 1847-358X
ispartof 2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), 2021, p.1-6
issn 1847-358X
language eng
recordid cdi_ieee_primary_9559094
source IEEE Xplore All Conference Series
subjects Business
Common Vulnerability Scoring System
Companies
Computer crime
Computer networks
Cybersecurity
Measurement
Quality of Service
Risk-Based Vulnerability Man-agement
Software
Telecommunications
title Automatic CVSS-based Vulnerability Prioritization and Response with Context Information
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-01T15%3A01%3A32IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Automatic%20CVSS-based%20Vulnerability%20Prioritization%20and%20Response%20with%20Context%20Information&rft.btitle=2021%20International%20Conference%20on%20Software,%20Telecommunications%20and%20Computer%20Networks%20(SoftCOM)&rft.au=Walkowski,%20Michal&rft.date=2021-09-23&rft.spage=1&rft.epage=6&rft.pages=1-6&rft.eissn=1847-358X&rft_id=info:doi/10.23919/SoftCOM52868.2021.9559094&rft.eisbn=9789532901092&rft.eisbn_list=9532901094&rft_dat=%3Cieee_CHZPO%3E9559094%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-ieee_primary_95590943%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=9559094&rfr_iscdi=true