NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and validate the method. The new metric, “Likely Exploited Vulnerabilities” (LEV), aims to close a key gap in vulnerability management: identifying which of the thousands of reported flaws each year are actually being used in real-world attacks. Organizations typically rely on two main tools for this: the Exploit Prediction Scoring … More

The post NIST proposes new metric to gauge exploited vulnerabilities appeared first on Help Net Security.