{"id":4457,"date":"2022-01-19T22:30:06","date_gmt":"2022-01-19T22:30:06","guid":{"rendered":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/"},"modified":"2022-01-19T22:30:06","modified_gmt":"2022-01-19T22:30:06","slug":"use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register","status":"publish","type":"post","link":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/","title":{"rendered":"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register"},"content":{"rendered":"<p> <a href=\"https:\/\/go.fiverr.com\/visit\/?bta=1052423&nci=17043\" Target=\"_Top\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/fiverr.ck-cdn.com\/tn\/serve\/?cid=40081059\"  width=\"601\" height=\"201\"><\/a>\n<\/p>\n<div id=\"body\">\n<p>Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.<\/p>\n<p>Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.<\/p>\n<p><a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.first.org\/cvss\/\">CVSS<\/a> is a framework for rating the severity of software vulnerabilities (identified using <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/cve.mitre.org\/docs\/docs-2000\/cerias.html\">CVE<\/a>, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It&#8217;s overseen by First.org, a US-based, non-profit computer security organization.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n        <noscript><br \/>\n            <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt=\"\"\/><\/a><br \/>\n        <\/noscript>\n    <\/div>\n<p>As an example, the initial Log4j vulnerability (<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-44228\">CVE-2021-4422<\/a>) received a base CVSS score of 10.0. The Log4j CVSS score was also accompanied by additional data:<\/p>\n<pre class=\"wrap_text\">CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H\n<\/pre>\n<p>This jumble of letters summarizes the framework version (3.0), the attack vector (network), the attack complexity (low), the privileges required (none), the user interaction required (none), whether the scope of potentially affected resources remains unchanged or not (changed), and impact metrics representing confidentiality, integrity and availability.<\/p>\n<p>CVSS scores can help organizations focus on fixing dangerous flaws first. Ideally, prioritization would not be necessary but there are often so many bugs to repair that large organizations find it&#8217;s not feasible to just fix everything at once. There were <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cvedetails.com\/browse-by-date.php\">more than 20,000<\/a> CVEs released last year, compared to just over 1,000 two decades ago.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/a><br \/>\n            <\/noscript>\n        <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\">\n                <noscript><br \/>\n                    <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                        <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/a><br \/>\n                <\/noscript>\n            <\/div>\n<\/p><\/div>\n<p>While CVSS scores can inform vulnerability remediation strategies, Kenna Security, acquired last year by Cisco, argues that there are better prioritization signals like focusing on flaws with exploit code and counting the number of times a vulnerability is mentioned on Twitter.<\/p>\n<p>Kenna argues for using the Exploit Prediction Scoring System (<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.first.org\/epss\/\">EPSS<\/a>), which is also maintained by First.org.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>EPSS combines CVE data with exploit data in an effort to predict whether and when vulnerabilities will be exploited.<\/p>\n<p>&#8220;Prioritizing vulnerabilities with exploit code is 11 times more effective than Common Vulnerability Scoring System (CVSS) scores in minimizing exploitability,&#8221; said CTO and co-founder Ed Bellis in a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.kennasecurity.com\/blog\/heres-how-to-measure-your-organizations-exploitability\/\">blog post<\/a> on Wednesday. &#8220;Mentions on Twitter, surprisingly, also have a much better signal-to-noise ratio than CVSS (about 2 times better).&#8221;<\/p>\n<p>The graph below uses EPSS with remediation velocity to evaluate vulnerability repair strategies:<\/p>\n<div class=\"CaptionedImage width_85\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/regmedia.co.uk\/2022\/01\/19\/kenna_security_graph01192022.png?x=648&amp;y=461&amp;infer_y=1\" alt=\"Kenna Security Exploit Prediction Scoring System graph\" title=\"Kenna Security Exploit Prediction Scoring System graph\" height=\"461\" width=\"648\"\/><\/p>\n<p class=\"text_center\">Image source: Kenna Security<\/p>\n<\/div>\n<p>Kenna Security has been working with the Cyentia Institute, a data science firm, to analyze vulnerability remediation data sets. Kenna has been publishing the findings in a series of reports, the latest of which is titled <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.kennasecurity.com\/resources\/prioritization-to-prediction-report-volume-eight\/\">Prioritization to Prediction Volume 8, Measuring and Minimizing Exploitability<\/a>.<\/p>\n<p>In an email, Jay Jacobs, partner and co-founder at the Cyentia Institute, told <em>The Register<\/em> that Twitter is a better yardstick than CVSS even when a vulnerability&#8217;s CVSS score is a 10 \u2013 which makes it obvious the flaw should be dealt with.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YeiQ7ptWUIkTuhXnG3FwYAAAAI0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt=\"\"\/><\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>&#8220;That metric is looking at the performance of CVSS as a whole and using it as a prioritization strategy, so it is assuming companies are remediating according to the base score,&#8221; said Jacobs. &#8220;That means they start with all of the CVSS 10s in their environment and remediate those, then move on to the next highest CVSS score and so on. They continue this until they reach their capacity for remediation as discussed in the report.\u200b\u200b&#8221;<\/p>\n<p>The gist of the report is that prioritizing patches using an effective strategy can reduce an organization&#8217;s attack surface better than expanding internal capacity to apply patches.<\/p>\n<p>Chris Gibson, executive director of the Forum of Incident Response and Security Teams (FIRST), told <em>The Register<\/em> in an email that CVSS and EPSS measure different things \u2013 severity and risk, respectively.<\/p>\n<p>&#8220;One of the biggest challenges with CVSS has been end-user consumer education,&#8221; he said. &#8220;Many well-meaning consumers of CVSS simply stack rank vulnerabilities found in their products (CVE IDs) by CVSS Base Score and form an action\/mitigation plan based on that number alone. While by far the easiest method, it&#8217;s also the least apt and accurate. Additional inputs, such as Threat and Environment, must be taken into account to come up with an accurate assessment.&#8221;<\/p>\n<p>Pointing to <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.first.org\/cvss\/user-guide#2-1-CVSS-Measures-Severity-not-Risk\">an article<\/a> on the First.org website that addresses this, he emphasized that CVSS Base Score alone is not intended to communicate the risk of malicious exploitation.<\/p>\n<p>&#8220;Taken as a starting point, mitigated by real-time threat analysis such as EPSS and others, and amplified by the Security Requirements \u2014 some would call the risk tolerance \u2014 a scoring consumer can much better gauge and assess the appropriate measured response, priority, and urgency of a particular vulnerability,&#8221; he said.<\/p>\n<p>The Kenna\/Cyentia report also contains some noteworthy data about the exploitability of different tech vendors, based on EPSS.<\/p>\n<p>It says that while Microsoft is responsible for the largest number and for the most exploitable vulnerabilities, the Windows maker manages to fix its bugs faster than almost any other vendor. When exploitability is graphed against the time that vulnerabilities linger unaddressed, HP and IBM stand out as laggards.<\/p>\n<div class=\"CaptionedImage width_85\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/mailinvest.blog\/wp-content\/themes\/breek\/assets\/images\/transparent.gif\" data-lazy=\"true\" data-src=\"https:\/\/regmedia.co.uk\/2022\/01\/19\/kenna_report_image.png?x=648&amp;y=389&amp;infer_y=1\" alt=\"Kenna Security report graph of exploitability\/persistence\" title=\"Kenna Security report graph of exploitability\/persistence\" height=\"389\" width=\"648\"\/><\/p>\n<p class=\"text_center\">Image source: Kenna Security<\/p>\n<\/div>\n<p>Google, meanwhile, gets a nod for low exploitability and rapid repair time. &#8220;&#8230;Google is in a class of its own in terms of low exploitability and high remediation velocity,&#8221; the report says. \u00ae<\/p>\n<\/p><\/div>\n<iframe data-lazy=\"true\" data-src=\"https:\/\/www.fiverr.com\/gig_widgets?id=U2FsdGVkX18x7XQvttUTrv1oEqmGNGTgvvCUiUoJ\/AP4z\/UyMz8lXGOLpu15jIMxBbTR0gmD5uBoFvhC4KWeALQRp3h\/X\/AwcVD0K8Wj9H\/ZzYKzcCNHosB9oS4SCJJFWiN85P9ICAc4OgCoE\/wHKIY7CDkf2\/DQ1vqGvk4smVe5cRDEmrLPCWi4FC8p40VUhSmWQ5udCm0zoJtorgWv3vbDQw0kKYkwn39ozAnQXDe+YvWMxkLFWA+O3TFwkJvdkIK+\/AUSnRssPKt5WHY0FhNOxnSPcLslEL4G4\/RfP95ve99U+kRnDy3X+KtzdQLY+u935ghON\/o3UE4IMv9oN6JX9RnxzL\/LRcOgnHigxStSGPKsZYtnz8RWNVT\/rOLAibqiWJadC5MYHRbekF3eg6FOGrQGkXYbsn0+a5aovnlLCbLwIqY9fcS17UX8J235iQ6cdmHNbrPeS84CMm34RA==&affiliate_id=1052423&strip_google_tagmanager=true\" loading=\"lazy\" data-with-title=\"true\" class=\"fiverr_nga_frame\" frameborder=\"0\" height=\"350\" width=\"100%\" referrerpolicy=\"no-referrer-when-downgrade\" data-mode=\"random_gigs\" onload=\" var frame = this; var script = document.createElement('script'); script.addEventListener('load', function() { window.FW_SDK.register(frame); }); script.setAttribute('src', 'https:\/\/www.fiverr.com\/gig_widgets\/sdk'); document.body.appendChild(script); \" ><\/iframe>\n<br \/><a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/01\/19\/twitter_cvss_vulnerabilites\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System&#8230;<\/p>\n","protected":false},"author":1,"featured_media":4458,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-4457","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-universe"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Use Twitter as well as CVSS to prioritize security patches \u2022 The Register - mailinvest.blog<\/title>\n<meta name=\"description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register - mailinvest.blog\" \/>\n<meta property=\"og:description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/\" \/>\n<meta property=\"og:site_name\" content=\"mailinvest.blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/freelanceracademic\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-19T22:30:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/twitter2_shutterstock_659066794.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"648\" \/>\n\t<meta property=\"og:image:height\" content=\"448\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin@mailinvest.blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin@mailinvest.blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/\"},\"author\":{\"name\":\"admin@mailinvest.blog\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\"},\"headline\":\"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register\",\"datePublished\":\"2022-01-19T22:30:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/\"},\"wordCount\":853,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/twitter2_shutterstock_659066794.jpg\",\"articleSection\":[\"Tech Universe\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/\",\"name\":\"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register - mailinvest.blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/twitter2_shutterstock_659066794.jpg\",\"datePublished\":\"2022-01-19T22:30:06+00:00\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/twitter2_shutterstock_659066794.jpg\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/twitter2_shutterstock_659066794.jpg\",\"width\":648,\"height\":448},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/01\\\/19\\\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mailinvest.blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"name\":\"mailinvest.blog\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mailinvest.blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\",\"name\":\"mailinvest\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"width\":1000,\"height\":1000,\"caption\":\"mailinvest\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/freelanceracademic\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\",\"name\":\"admin@mailinvest.blog\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"caption\":\"admin@mailinvest.blog\"},\"sameAs\":[\"https:\\\/\\\/mailinvest.blog\",\"admin@mailinvest.blog\"],\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/author\\\/adminmailinvest-blog\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register - mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/","og_locale":"en_US","og_type":"article","og_title":"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register - mailinvest.blog","og_description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","og_url":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/","og_site_name":"mailinvest.blog","article_publisher":"https:\/\/www.facebook.com\/freelanceracademic\/","article_published_time":"2022-01-19T22:30:06+00:00","og_image":[{"width":648,"height":448,"url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/twitter2_shutterstock_659066794.jpg","type":"image\/jpeg"}],"author":"admin@mailinvest.blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin@mailinvest.blog","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#article","isPartOf":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/"},"author":{"name":"admin@mailinvest.blog","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4"},"headline":"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register","datePublished":"2022-01-19T22:30:06+00:00","mainEntityOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/"},"wordCount":853,"commentCount":0,"publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/twitter2_shutterstock_659066794.jpg","articleSection":["Tech Universe"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/","url":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/","name":"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register - mailinvest.blog","isPartOf":{"@id":"https:\/\/mailinvest.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#primaryimage"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/twitter2_shutterstock_659066794.jpg","datePublished":"2022-01-19T22:30:06+00:00","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","breadcrumb":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#primaryimage","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/twitter2_shutterstock_659066794.jpg","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/twitter2_shutterstock_659066794.jpg","width":648,"height":448},{"@type":"BreadcrumbList","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/01\/19\/use-twitter-as-well-as-cvss-to-prioritize-security-patches-the-register\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mailinvest.blog\/"},{"@type":"ListItem","position":2,"name":"Use Twitter as well as CVSS to prioritize security patches \u2022 The Register"}]},{"@type":"WebSite","@id":"https:\/\/mailinvest.blog\/#website","url":"https:\/\/mailinvest.blog\/","name":"mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mailinvest.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mailinvest.blog\/#organization","name":"mailinvest","url":"https:\/\/mailinvest.blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","width":1000,"height":1000,"caption":"mailinvest"},"image":{"@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/freelanceracademic\/"]},{"@type":"Person","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4","name":"admin@mailinvest.blog","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","caption":"admin@mailinvest.blog"},"sameAs":["https:\/\/mailinvest.blog","admin@mailinvest.blog"],"url":"https:\/\/mailinvest.blog\/index.php\/author\/adminmailinvest-blog\/"}]}},"_links":{"self":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/4457","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/comments?post=4457"}],"version-history":[{"count":0,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/4457\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media\/4458"}],"wp:attachment":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media?parent=4457"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/categories?post=4457"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/tags?post=4457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}