androidisking@lemmy.world to memes@lemmy.world · 1 year agoSo what's changed Microsoft?lemmy.worldimagemessage-square73linkfedilinkarrow-up1802arrow-down130
arrow-up1772arrow-down1imageSo what's changed Microsoft?lemmy.worldandroidisking@lemmy.world to memes@lemmy.world · 1 year agomessage-square73linkfedilink
minus-squareyannic@lemmy.calinkfedilinkarrow-up1·1 year agoTenable (or how our security folks have our scans configured) doesn’t seem to get that.
minus-squarecannibalkitteh@lemmy.blahaj.zonelinkfedilinkarrow-up2·1 year agoI used to have to explain it to them too, but could usually get them to understand by referencing the CVE and the breakdown from the MS security updates guide.
minus-squareyannic@lemmy.calinkfedilinkarrow-up2·1 year agoMy favourite is: Them: We want less red in the pie chart. Fix that remote vulnerability. Me: We don’t even have that component enabled. It’s reporting on a DLL file version, not the vulnerability itself. Them: Just lower our vulnerability score. (Me wondering if I deploying dozens of fully-patched systems would have the same proportional effect)
Tenable (or how our security folks have our scans configured) doesn’t seem to get that.
I used to have to explain it to them too, but could usually get them to understand by referencing the CVE and the breakdown from the MS security updates guide.
My favourite is:
Them: We want less red in the pie chart. Fix that remote vulnerability.
Me: We don’t even have that component enabled. It’s reporting on a DLL file version, not the vulnerability itself.
Them: Just lower our vulnerability score.
(Me wondering if I deploying dozens of fully-patched systems would have the same proportional effect)