Inside Cybersecurity

December 5, 2022

Daily News

CISA outlines vulnerability management strategy to address exploits through automation

By Sara Friedman / November 15, 2022

The Cybersecurity and Infrastructure Security Agency’s vulnerability management strategy relies heavily on automation, and includes the use of an industry framework for crafting advisories on exploits and a tool jointly developed with Carnegie Mellon to help with remediation.

The agency outlines the three-part strategy in a recent blog post from CISA cyber head Eric Goldstein.

“First, we must introduce greater automation into vulnerability management, including by expanding use of the Common Security Advisory Framework (CSAF),” Goldstein writes. The...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.