What is SSVC? SSVC, a vulnerability prioritization methodology, was introduced to the cyber security market in April 2021 by security researchers at Carnegie Mellon University’s Software Engineering Institute (SEI) and the Cybersecurity and Infrastructure Security Agency (CISA). The SSVC method was created to help security analysts and vulnerability managers with vulnerability prioritization decision-making. How does… Continue reading The SSVC risk prioritization method: what it is, when to use it, and alternatives