The word “vulnerability” typically comes with a “must fix now” response. However, not all vulnerabilities should be treated equally because not all of them pose a risk. It all depends on what the data represents. In fact, some vulnerabilities are OK to deprioritize, depending on associated threats and the value of the asset at risk. For example, a lock on a 20th floor window of a building is not as important as one on the ground level, unless the contents of the room are so valuable that a thief would take the effort to access such an unreachable place. Scans reveal thousands of vulnerabilities across all assets – networks, applications, systems and devices – but they do not show which ones could lead to a damaging compromise if not fixed immediately. It is not about ignoring vulnerabilities; it is about prioritizing how you apply your resources to remediate them. Bay Dynamics provides some examples of vulnerabilities that are OK to put on the back burner.
More Stories
Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers
Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details,...
Stripe API Skimming Campaign Unveils New Techniques for Theft
A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious...
Royal Mail Investigates Data Breach Affecting Supplier
A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users Read More
Gray Bots Surge as Generative AI Scraper Activity Increases
Gray bots surge as generative AI scraper activity increases, impacting web applications with millions of requests daily Read More
Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK
Hackers stole $1.67bn of cryptocurrencies in the first quarter of 2025, a 303% increase Read More
Rational Astrologies and Security
John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“: There is another non-security...