Date: Mon, 7 Sep 2020 16:51:01 -0400 From: "Perry E. Metzger" <perry@...rmont.com> To: Pramod Rana <varchashva@...il.com> Cc: oss-security@...ts.openwall.com Subject: Re: Open Source Tool | vPrioritization | Risk Prioritization Framework On Sun, 6 Sep 2020 13:18:34 +0530 Pramod Rana <varchashva@...il.com> wrote: > Appreciate your comments. > > My two cents - Patch everything is far from reality to most (read > all) organizations "All" is clearly false; I know many organizations that patch all their hardware fast, and a few that do it essentially within hours (unless CI tests for the patched infra fail). I don't have good statistics, but the existence of some organizations of significant size capable of patching everything leads me to believe the obstacle isn't whether it's possible. Perry -- Perry E. Metzger perry@...rmont.com
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.