Vulnerability Lifecycle

Understanding software vulnerabilities is a key aspect of cyber security

14 papers and 8 talks


Technical advancements within software design and development have not prevented the release of insecure software and, consequently, the appearance of vulnerabilities. Economic and other non-technical incentives are increasingly perceived as the primary reasons for today’s heightened risk exposure. The life cycle of a vulnerability can be divided into phases between distinct events such as “discovery”, “disclosure”, etc. Each phase reflects a specific state of the vulnerability and the associated risk exposure for the users of the affected software. I analyzed the evolution of the vulnerability lifecycle of thousands of vulnerabilities over the past decades.