December 5, 2022
CISA outlines vulnerability management strategy to address exploits through automation
The Cybersecurity and Infrastructure Security Agency’s vulnerability management strategy relies heavily on automation, and includes the use of an industry framework for crafting advisories on exploits and a tool jointly developed with Carnegie Mellon to help with remediation.
The agency outlines the three-part strategy in a recent blog post from CISA cyber head Eric Goldstein.
“First, we must introduce greater automation into vulnerability management, including by expanding use of the Common Security Advisory Framework (CSAF),” Goldstein writes. The...