|
Title:
|
COST REDUCTION ESTIMATION METHOD
OF A SOFTWARE VULNERABILITY MANAGEMENT
TOOL |
|
Author(s):
|
Satoshi Yashiro, Pranay Verma, Norihisa Komoda and Takenao Ohkawa |
|
ISBN:
|
978-989-8704-34-4 |
|
Editors:
|
Pedro IsaĆas and Hans Weghorn |
|
Year:
|
2021 |
|
Edition:
|
Single |
|
Type:
|
Full |
|
First Page:
|
205 |
|
Last Page:
|
210 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
Software vulnerability identification is necessary work to have IT assets secure in organizations. There can be so many
vulnerabilities found as usual, and the severities of the vulnerabilities are various. Attack path analysis is known as
helpful to clarify the severities, and a vulnerability management tool with attack path analysis will reduce vulnerability
management cost. However, the amount of cost reduction by applying the tool is not clear in each case. Also, it is
difficult to estimate the amount of the cost reduction. In this paper, we introduce an efficient approach to estimate the
cost benefit of implementing a vulnerability management tool with attack path analysis into actual vulnerability
management process by integrating qualitative analysis with quantitative analysis. |
|
|
|
|
|
|
