MTTR (Mean Time to Remediate)
Mean time to remediate (MTTR) is a key performance indicator
(KPI) that measures how long it takes to fix a failed component or security
vulnerability:
Definition
MTTR is the average time it takes to resolve a security
vulnerability after it's been discovered. It's calculated by dividing the total
time from detection to remediation by the total number of incidents.
Importance
MTTR is important because it helps reduce the time that
systems are exposed to risk, which can lead to follow-on attacks and additional
incidents. It also helps minimize potential damage and enhance customer trust.
Calculation
MTTR can be calculated on a case-by-case basis or on a
macro level. It only includes closed vulnerabilities, and doesn't include false
positives or open vulnerabilities.
Security tools
Security tools like JFrog x-ray, Aquasec, PrismaCloud,
Blackduck, Coverity, Synk, Veracode, Fortify, and Checkmarx can help identify
vulnerabilities and classify their risk exposure.
No comments:
Post a Comment