When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk within these different paradigms and environments (e.g., the cloud). Patch network security isn’t applicable in the same way for cloud environments, and few cloud providers assign Common Vulnerabilities and Exposures (CVE) identifiers to vulnerabilities. For vulnerability management teams who talk exclusively in this CVE-based construct, the lack of CVEs in cloud … More

The post Why cloud vulnerabilities need CVEs appeared first on Help Net Security.