The Laws Of Vulnerabilities For Internal Networks presented at Blackhat USA 2004

by Gerhard Eschelbeck,

Tags: Security Risk

Summary : New vulnerabilities to internal
networks are discovered and published on a daily base. With each
such announcement, the same questions arise. How significant is
this vulnerability? How prevalent is this vulnerability? How
easy is this vulnerability to exploit? Are any of my systems
affected by this vulnerability? Due to lack of global vulnerability
data, answers to these questions are often hard to find and risk rating
is even more difficult.