Scott WilsonThis is a decent overview of Continuous Threat Exposure Management ( #CTEM), which is a new-ish way to think about Vulnerability Management.
#infosec
https://securityaffairs.com/180871/security/how-ctem-boosts-visibility-and-shrinks-attack-surfaces-in-hybrid-and-cloud-environments.html
Martin Boller :debian: :tux: :freebsd: :windows: :mastodon:@scottwilson@infosec.exchange Not dissing the article, nor the (newer) term #CTEM, however isn't real time, prioritized, validated and continual improvement what we have wanted for many years?
Such as understanding actual exposure (the environmental metric in CVSS) etc.
(Might just be grumpy ol' me) <3
Xavier Β«XΒ» Santolaria :verified_paw: :donor:@scottwilson@infosec.exchange Common sense would be that every defense or mechanism to decrease risk is continuous ;) Not necessarily obvious to all though 
Scott Wilson@0x58@infosec.exchange Indeed! But I believe we know that in reality, that doesnβt happen.
Scott Wilson@0x58@infosec.exchange Indeed! But I believe we know that in reality, that doesnβt happen.
Xavier Β«XΒ» Santolaria :verified_paw: :donor:@scottwilson@infosec.exchange I'm really looking forward to the next "Continuous Zero Trust" approach. NOT!
Xavier Β«XΒ» Santolaria :verified_paw: :donor:@scottwilson@infosec.exchange I'm really looking forward to the next "Continuous Zero Trust" approach. NOT!