Patent attributes
Methods and systems described herein are directed to measuring cybersecurity vulnerability management programs and readiness. A vulnerability management program evaluation system can define vulnerability management capabilities and technologies supporting execution of those capabilities. Once defined, the system can conduct an initial assessment including scoring for the capabilities representing a depth of vulnerability management, as well as scoring for the technologies representing a breadth of vulnerability management. To update the initial assessment, the system can track the ongoing progress of projects that can affect the depth and/or breadth of vulnerability management, and then recalculate the scoring. At any time, the system can combine the depth and breadth to determine a comprehensive vulnerability management score.
