Last week lots of security patches were released by various vendors, especially Microsoft. It is always challenging for organizations to prioritize the patches for testing and implementation. nCircle, a provider of information risk and security performance management solutions, today announced a .Patch Priority Index. which is designed to help organizations prioritize the most critical vulnerabilities that should receive immediate remediation.
About the Patch Priority Index
nCircle’s Patch Priority Index (PPI) draws from a number of unique sources to create a thoroughly researched list of the most critical vulnerabilities affecting your network. Every month, nCircle VERT, a team of highly skilled security research engineers, considers a number of criteria to determine the most severe issues that can be patched in a given month to be a candidate for the list. For a vulnerability to be included on the PPI list it MUST have a patch available. VERT researches each vulnerability and ranks them using the following criteria:
- Attack Vector
- CVSS Score
- Availability of Exploit Code
- Popularity of the Service or Software
- Customer Feedback
- Worst Case Attack Scenarios
- Attack Outcome
These attributes are assigned to the vulnerabilities and then peppered with extensive VERT experience to create the ideal list of ‘Patch Now!’ vulnerabilities.