Loading…
Automatic CVSS-based Vulnerability Prioritization and Response with Context Information
Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an i...
Saved in:
Main Authors: | , , , , |
---|---|
Format: | Conference Proceeding |
Language: | English |
Subjects: | |
Online Access: | Request full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
cited_by | |
---|---|
cites | |
container_end_page | 6 |
container_issue | |
container_start_page | 1 |
container_title | |
container_volume | |
creator | Walkowski, Michal Krakowiak, Maciej Jaroszewski, Marcin Oko, Jacek Sujecki, Slawomir |
description | Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed. |
doi_str_mv | 10.23919/SoftCOM52868.2021.9559094 |
format | conference_proceeding |
fullrecord | <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_9559094</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9559094</ieee_id><sourcerecordid>9559094</sourcerecordid><originalsourceid>FETCH-ieee_primary_95590943</originalsourceid><addsrcrecordid>eNp9jsFKAzEUAKMgWHS_wEvwvutLsrF5R1kUPYjiSvVWUvsWn-wmJUnR-vWK9OxpDjOHEeJcQaMNKrzo41C6h3ur3aVrNGjVoLUI2B6ICucOrdEIClAfiply7bw21r0eiyrnDwAwGkyLOBMvV9sSJ1_4TXaLvq9XPtNaLrZjoORXPHLZycfEMXHh798sBunDWj5R3sSQSX5yeZddDIW-irwLQ0zTX3UqjgY_Zqr2PBFnN9fP3W3NRLTcJJ582i33y-Z_-wPrrkdb</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</title><source>IEEE Xplore All Conference Series</source><creator>Walkowski, Michal ; Krakowiak, Maciej ; Jaroszewski, Marcin ; Oko, Jacek ; Sujecki, Slawomir</creator><creatorcontrib>Walkowski, Michal ; Krakowiak, Maciej ; Jaroszewski, Marcin ; Oko, Jacek ; Sujecki, Slawomir</creatorcontrib><description>Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.</description><identifier>EISSN: 1847-358X</identifier><identifier>EISBN: 9789532901092</identifier><identifier>EISBN: 9532901094</identifier><identifier>DOI: 10.23919/SoftCOM52868.2021.9559094</identifier><language>eng</language><publisher>University of Split, FESB</publisher><subject>Business ; Common Vulnerability Scoring System ; Companies ; Computer crime ; Computer networks ; Cybersecurity ; Measurement ; Quality of Service ; Risk-Based Vulnerability Man-agement ; Software ; Telecommunications</subject><ispartof>2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), 2021, p.1-6</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9559094$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,27925,54555,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9559094$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Walkowski, Michal</creatorcontrib><creatorcontrib>Krakowiak, Maciej</creatorcontrib><creatorcontrib>Jaroszewski, Marcin</creatorcontrib><creatorcontrib>Oko, Jacek</creatorcontrib><creatorcontrib>Sujecki, Slawomir</creatorcontrib><title>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</title><title>2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM)</title><addtitle>SoftCOM</addtitle><description>Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.</description><subject>Business</subject><subject>Common Vulnerability Scoring System</subject><subject>Companies</subject><subject>Computer crime</subject><subject>Computer networks</subject><subject>Cybersecurity</subject><subject>Measurement</subject><subject>Quality of Service</subject><subject>Risk-Based Vulnerability Man-agement</subject><subject>Software</subject><subject>Telecommunications</subject><issn>1847-358X</issn><isbn>9789532901092</isbn><isbn>9532901094</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2021</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNp9jsFKAzEUAKMgWHS_wEvwvutLsrF5R1kUPYjiSvVWUvsWn-wmJUnR-vWK9OxpDjOHEeJcQaMNKrzo41C6h3ur3aVrNGjVoLUI2B6ICucOrdEIClAfiply7bw21r0eiyrnDwAwGkyLOBMvV9sSJ1_4TXaLvq9XPtNaLrZjoORXPHLZycfEMXHh798sBunDWj5R3sSQSX5yeZddDIW-irwLQ0zTX3UqjgY_Zqr2PBFnN9fP3W3NRLTcJJ582i33y-Z_-wPrrkdb</recordid><startdate>20210923</startdate><enddate>20210923</enddate><creator>Walkowski, Michal</creator><creator>Krakowiak, Maciej</creator><creator>Jaroszewski, Marcin</creator><creator>Oko, Jacek</creator><creator>Sujecki, Slawomir</creator><general>University of Split, FESB</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>20210923</creationdate><title>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</title><author>Walkowski, Michal ; Krakowiak, Maciej ; Jaroszewski, Marcin ; Oko, Jacek ; Sujecki, Slawomir</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-ieee_primary_95590943</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Business</topic><topic>Common Vulnerability Scoring System</topic><topic>Companies</topic><topic>Computer crime</topic><topic>Computer networks</topic><topic>Cybersecurity</topic><topic>Measurement</topic><topic>Quality of Service</topic><topic>Risk-Based Vulnerability Man-agement</topic><topic>Software</topic><topic>Telecommunications</topic><toplevel>online_resources</toplevel><creatorcontrib>Walkowski, Michal</creatorcontrib><creatorcontrib>Krakowiak, Maciej</creatorcontrib><creatorcontrib>Jaroszewski, Marcin</creatorcontrib><creatorcontrib>Oko, Jacek</creatorcontrib><creatorcontrib>Sujecki, Slawomir</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore (Online service)</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Walkowski, Michal</au><au>Krakowiak, Maciej</au><au>Jaroszewski, Marcin</au><au>Oko, Jacek</au><au>Sujecki, Slawomir</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Automatic CVSS-based Vulnerability Prioritization and Response with Context Information</atitle><btitle>2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM)</btitle><stitle>SoftCOM</stitle><date>2021-09-23</date><risdate>2021</risdate><spage>1</spage><epage>6</epage><pages>1-6</pages><eissn>1847-358X</eissn><eisbn>9789532901092</eisbn><eisbn>9532901094</eisbn><abstract>Vulnerability prioritisation is essential in the process of the vulnerability management within an IT network environment. Accurate prioritisation of the detected vulnerabilities is an important factor in corporate cybersecurity. This is because the most critical vulnerabilities should be given an immediate attention. The process of vulnerability prioritization is further exacerbated by amounts of data produced by various security systems. Thus timely detection and elimination of a vulnerability critical to the company, is very difficult. In order to improve the efficiency of the vulnerability prioritisation process, in this paper a study of selected metrics that aim to facilitate detection of critical vulnerabilities is performed.</abstract><pub>University of Split, FESB</pub><doi>10.23919/SoftCOM52868.2021.9559094</doi></addata></record> |
fulltext | fulltext_linktorsrc |
identifier | EISSN: 1847-358X |
ispartof | 2021 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), 2021, p.1-6 |
issn | 1847-358X |
language | eng |
recordid | cdi_ieee_primary_9559094 |
source | IEEE Xplore All Conference Series |
subjects | Business Common Vulnerability Scoring System Companies Computer crime Computer networks Cybersecurity Measurement Quality of Service Risk-Based Vulnerability Man-agement Software Telecommunications |
title | Automatic CVSS-based Vulnerability Prioritization and Response with Context Information |
url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-01T15%3A01%3A32IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Automatic%20CVSS-based%20Vulnerability%20Prioritization%20and%20Response%20with%20Context%20Information&rft.btitle=2021%20International%20Conference%20on%20Software,%20Telecommunications%20and%20Computer%20Networks%20(SoftCOM)&rft.au=Walkowski,%20Michal&rft.date=2021-09-23&rft.spage=1&rft.epage=6&rft.pages=1-6&rft.eissn=1847-358X&rft_id=info:doi/10.23919/SoftCOM52868.2021.9559094&rft.eisbn=9789532901092&rft.eisbn_list=9532901094&rft_dat=%3Cieee_CHZPO%3E9559094%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-ieee_primary_95590943%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=9559094&rfr_iscdi=true |