A New Look at Vulnerability ManagementFlexera's Lavie on the Need for a New Software Security Strategy
For too many organizations, software vulnerability management is just about "patch Tuesday." But Alejandro Lavie of Flexera says organizations need to adopt a new strategy focusing on visibility, prioritized response and mitigation.
Lavie, director of security strategy at Flexera, says vulnerability management has evolved significantly in the past few years.
"If you look back at when the wave of vulnerability scanners started a few years ago, it was about finding vulnerabilities and [rooting] them out," he says. It was more about vulnerability discovery. "But in the modern era ... it's not just about finding what's wrong; it should be about finding out what vulnerabilities there are in applications, devices and even in processes, and finding a way collaboratively ... to fix, mitigate or patch those vulnerabilities."
In an interview about vulnerability management, Lavie discusses:
- Where traditional approaches fall apart;
- Open source software challenges;
- The three keys to success.
Lavie is the Director of Security Strategy for Flexera. He has 20 years of consulting and business development experience in four countries, focused around enterprise software in cybersecurity, IT operations, service management and optimisation. He is originally from Venezuela, but now lives in North Carolina, USA with his family, and when he is not traveling with customers and partners, he is training for triathlons.