In this Help Net Security video, Shankar Somasundaram, CEO at Asimily, explains how to build a risk-based vulnerability program. He notes that vulnerabilities are exploding by an order of magnitude in the age of AI-driven attacks, with one customer finding a thousand vulnerabilities for every one they knew about. Patching everything is not workable, and…
Tag: riskbased
AI, Global Security News, Risk Management
NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward
NIST is overhauling how it manages the National Vulnerability Database (NVD) and switching to a risk-based model that prioritizes “enrichment” of only the most critical CVE-numbered security vulnerabilities. “This change is driven by a surge in CVE submissions, which increased 263% between 2020 and 2025,” the National Institute of Standards and Technology said. “We don’t…