Publication

Are we reasoning about cloud application vulnerabilities in the right way?

Stefano Simonetto, Peter Bosch

2023 · IEEE European Symposium on Security and Privacy

This poster argues for more realistic vulnerability prioritization in cloud-native systems by reasoning about chained weaknesses instead of isolated scores. It emphasizes the need for proactive defense and better attack-path-aware patch prioritization.