How is your business handling weekly VMaaS reporting? What reports are provided to leadership and the Board to show progress even though a new High/Critical vulnerability rears its ugly head every week? It's a very ending; why do you have so many critical and high vulnerabilities? We do provide the volume of remediated vulnerabilities based on severity and age. However, I am curious what other security experts are providing to their leadership.

We don't provide the stats about the vulnerabilies to the board but the efficacy/efficiency of the vulnerability management process in term of adherence to the SLA.

Anonymous Author
We don't provide the stats about the vulnerabilies to the board but the efficacy/efficiency of the vulnerability management process in term of adherence to the SLA.
0 upvotes