The Ashimmy Blog: The future of vulnerability management

March 01, 2007

The future of vulnerability management

I while back I wrote a piece on vulnerability management being dead. This was followed with what I thought was one of the great panels of all times on the future of VM on our podcast. One thing that was clear to me was that vulnerability scanners and assessment tools were going to be used for different uses than they have been in the past. Whether for configuration management or as part of a policy driven network as I wrote about yesterday, people want more than just scanning and reporting. Another example of this is the deal announced yesterday between eEye and BMC. BMC will use scanner data to augment and correlate with their business management intelligence. This will provide hopefully better risk management and compliance to their customers. Again a different use for vulnerability scanners than traditional scan and report for vulnerabilities.

Congratulations to Ross and the rest of the team over at eEye on the deal.

Posted at 08:36 AM in vulnerability management | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e4d369e200d83462890f69e2

Listed below are links to weblogs that reference The future of vulnerability management:

» My Take on the future of Vulnerability Management from Rational Security
I've followed Alan Shimel's musings on the furture of vulnerability assessment (VA) and found myself nodding along for the most part about where Alan sees the VA market and technology heading:Over the past year, many have asked what is next [Read More]