Scanning for Flaws, Scoring for Security
Krebs on Security
DECEMBER 12, 2018
Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Fair or not, a number of nascent efforts are using just such an approach to derive security scores for companies and entire industries. the security posture of vendor partners).