It's Time to Align Your Vulnerability Management Priorities With the Biggest Threats

Wedge Networks would like to offer this Gartner report with our compliments!


In the Gartner report, analyst Craig Lawson, explains how "Vulnerabilities and their exploitation are still the root cause of most breaches. IT security leaders should refocus their attention on how vulnerabilities are being managed and should track this metric to provide visibility as to how to reduce the biggest risks of being breached."


The report covers the following Key Challenges:

  • The exploitation of known, but unmitigated, vulnerabilities is the primary method of compromise for most threats. Meanwhile, "zero days" are only approximately 0.4% of vulnerabilities during the past decade, but their risk to most companies is out of balance with the attention they get.
  • Vulnerability remediation prioritization is not taking into account the biggest risks.
  • Breach report data and Gartner research highlight that only a small number of vulnerabilities go on to be exploited in real-world attacks.
  • The lofty goal of "patch everything, all the time, everywhere" is not only rarely fulfilled, it is causing friction between IT security and IT operations.
  • Traditional vulnerability severity rating schemes — such as First's Common Vulnerability Scoring System score or the classical "critical, high, medium and low" rankings — can provide base measures of the criticality and impact of vulnerabilities; however, they don't take into account what then is actually exploited "in the wild."
  • Attackers are able to easily and cost-effectively obfuscate attacks that leverage existing vulnerabilities for effective and pro table outcomes.Read the Gartner report to learn more.

It's Time to Align Your Vulnerability Management Priorities With the Biggest Threats, 2016 | Craig Lawson | 09 September 2016

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

The Gartner Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved.

Please provide the following information in order to access the Gartner Report (fields with "*" are mandatory). For further information, please feel free to contact Wedge Marketing at:

Note: In the "Promo Code" field, please put "Gartner Report" (case sensitive).  After submitting the form, you will be redirected to the Gartner Report.  If the Gartner Report did not load, or, if you would like to be contacted immediately to explore further interest, please email Wedge Marketing: