Developing a Value-Based Software Vulnerability Patching Scheme
| dc.contributor.author | Auvinen, Teemu | |
| dc.contributor.department | fi=Tietotekniikan laitos|en=Department of Computing| | |
| dc.contributor.faculty | fi=Teknillinen tiedekunta|en=Faculty of Technology| | |
| dc.contributor.studysubject | fi=Information and Communication Technology|en=Information and Communication Technology| | |
| dc.date.accessioned | 2024-12-19T22:06:02Z | |
| dc.date.available | 2024-12-19T22:06:02Z | |
| dc.date.issued | 2024-12-18 | |
| dc.description.abstract | A problem faced by many companies with sizable cyber ecosystem is the prevalence of security vulnerabilities affecting their various resources. All vulnerabilities are not created equal - one may merely allow a slight inconvenience in very specific conditions, and another may enable a malicious party to completely hijack a system at will. To classify them, many systems such as CVSS exist and are being widely used, but they generally do not represent the risk that the presence of a vulnerability affects objectively. In this thesis we aim to deliver a set of schemes that first help define the more difficult aspects of CVSS, then we use a set of risk management and vulnerability analysis tools to create a tool for evaluating the financial risk they impose, and finally craft a framework for prioritizing vulnerability management work in a way that is comparable with other work done in the organization. | |
| dc.format.extent | 75 | |
| dc.identifier.olddbid | 196532 | |
| dc.identifier.oldhandle | 10024/179575 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/25517 | |
| dc.identifier.urn | URN:NBN:fi-fe20241219105617 | |
| dc.language.iso | eng | |
| dc.rights | fi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.| | |
| dc.rights.accessrights | suljettu | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/179575 | |
| dc.subject | CVSS, EPSS, RISKEE, risk, value, security, severity | |
| dc.title | Developing a Value-Based Software Vulnerability Patching Scheme | |
| dc.type.ontasot | fi=Diplomityö|en=Master's thesis| |
Tiedostot
1 - 1 / 1