REVIEW 3 cited by
A Survey on Vulnerability Prioritization: Taxonomy, Metrics, and Research Challenges
Not yet reviewed by Pith; the record is open.
This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.
SPECIMEN: schema-true, not a live event
T0 review · schema-true
One-sentence machine reading of the paper's core claim.
pith:XXXXXXXX · record.json · timestamp
A Survey on Vulnerability Prioritization: Taxonomy, Metrics, and Research Challenges
read the original abstract
In the highly interconnected digital landscape of today, safeguarding complex infrastructures against cyber threats has become increasingly challenging due to the exponential growth in the number and complexity of vulnerabilities. Resource constraints necessitate effective vulnerability prioritization strategies, focusing efforts on the most critical risks. This paper presents a systematic literature review of 82 studies, introducing a novel taxonomy that categorizes metrics into severity, exploitability, contextual factors, predictive indicators, and aggregation methods. Our analysis reveals significant gaps in existing approaches and challenges with multi-domain applicability. By emphasizing the need for dynamic, context-aware metrics and scalable solutions, we provide actionable insights to bridge the gap between research and real-world applications. This work contributes to the field by offering a comprehensive framework for evaluating vulnerability prioritization methodologies and setting a research agenda to advance the state of practice.
Forward citations
Cited by 3 Pith papers
-
From Legacy Documentation to OSCAL: An MCP-Based Agent Pipeline for Threat-Informed Continuous Compliance in Critical Infrastructure
An MCP-grounded eight-phase agent pipeline converts natural-language critical-infrastructure descriptions into source-verified knowledge graphs and schema-valid OSCAL SSP/SAR artifacts, with 0.90 CVE recall on a synth...
-
AI Native Asset Intelligence
The paper presents a modeling-plus-scoring framework that turns fragmented security signals into stable asset-level importance scores by separating intrinsic exposure from business and data context, evaluated on 131k ...
-
AI Native Asset Intelligence
AI-native asset intelligence framework converts heterogeneous security signals into normalized asset importance scores by separating intrinsic exposure from contextual factors using modeling and deterministic aggregation.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.