{"id":497,"date":"2023-11-29T15:27:27","date_gmt":"2023-11-29T14:27:27","guid":{"rendered":"https:\/\/www.cybi.fr\/?p=497"},"modified":"2023-11-29T16:07:14","modified_gmt":"2023-11-29T15:07:14","slug":"les-indicateurs-de-vulnerabilites","status":"publish","type":"post","link":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/","title":{"rendered":"Les indicateurs de vuln\u00e9rabilit\u00e9s"},"content":{"rendered":"\n<p>Face \u00e0 la recrudescence des cybermenaces, les RSSI doivent analyser finement les vuln\u00e9rabilit\u00e9s pour \u00e9valuer correctement leur niveau de criticit\u00e9 et hi\u00e9rarchiser les actions de rem\u00e9diation.<\/p>\n\n\n\n<p>Plusieurs indicateurs et standards permettent d&rsquo;enrichir une vuln\u00e9rabilit\u00e9 au-del\u00e0 de sa simple criticit\u00e9 technique mesur\u00e9e par le CVSS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Le score de vuln\u00e9rabilit\u00e9 CVSS<\/h2>\n\n\n\n<p>Le score CVSS (Common Vulnerability Scoring System) est un standard international d&rsquo;\u00e9valuation des failles de s\u00e9curit\u00e9.<\/p>\n\n\n\n<p>Il s&rsquo;appuie sur trois m\u00e9triques :<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Vecteurs d&rsquo;attaque<\/li><li>Complexit\u00e9 d&rsquo;exploitation<\/li><li>Impacts m\u00e9tier<\/li><\/ul>\n\n\n\n<p>Le score CVSS, compris entre 0 et 10, mesure la criticit\u00e9 intrins\u00e8que d&rsquo;une vuln\u00e9rabilit\u00e9. Il est une premi\u00e8re brique dans l&rsquo;analyse de risque, mais ne refl\u00e8te pas les menaces r\u00e9elles pesant sur l&rsquo;entreprise. Un score CVSS \u00e9lev\u00e9 ne signifie pas forc\u00e9ment que la vuln\u00e9rabilit\u00e9 sera r\u00e9ellement exploit\u00e9e.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">L&rsquo;Exploit Prediction Scoring System (EPSS)<\/h2>\n\n\n\n<p>L&rsquo;Exploit Prediction Scoring System (EPSS) est un syst\u00e8me de notation des vuln\u00e9rabilit\u00e9s qui vise \u00e0 estimer la facilit\u00e9 d&rsquo;exploitation d&rsquo;une faille de s\u00e9curit\u00e9 et le niveau de privil\u00e8ges qu&rsquo;un pirate pourrait obtenir en la exploitant.<\/p>\n\n\n\n<p>Concr\u00e8tement, l&rsquo;EPSS se base sur 4 crit\u00e8res :<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>La complexit\u00e9 d&rsquo;exploitation<\/strong> : une faille facile \u00e0 exploiter aura un score EPSS plus \u00e9lev\u00e9.<\/li><li><strong>Le niveau d&rsquo;acc\u00e8s obtenu<\/strong> : une vuln\u00e9rabilit\u00e9 permettant d&rsquo;obtenir des privil\u00e8ges \u00e9lev\u00e9s (administrateur par exemple) marquera plus de points EPSS.<\/li><li>La <strong>configuration requise pour l&rsquo;exploitation<\/strong> : moins il y a de conditions \u00e0 remplir, plus le score EPSS est important.<\/li><li>La <strong>port\u00e9e de l&rsquo;exploitation<\/strong> : une faille exploitable \u00e0 distance marquera davantage de points EPSS qu&rsquo;une vuln\u00e9rabilit\u00e9 n\u00e9cessitant un acc\u00e8s local.<\/li><\/ol>\n\n\n\n<p>En fusionnant ces diff\u00e9rents aspects, l&rsquo;EPSS donne un aper\u00e7u rapide de la criticit\u00e9 r\u00e9elle d&rsquo;une vuln\u00e9rabilit\u00e9 et de la probabilit\u00e9 que des hackers malintentionn\u00e9s parviennent \u00e0 l&rsquo;exploiter.<\/p>\n\n\n\n<p>Contrairement au CVSS qui mesure la s\u00e9v\u00e9rit\u00e9 intrins\u00e8que d&rsquo;une faille, l&rsquo;EPSS estime le risque d&rsquo;exploitation concret dans le contexte de l&rsquo;organisation. Cet indicateur enrichit donc utilement l&rsquo;analyse de risques r\u00e9alis\u00e9e par les RSSI.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Le classement des vuln\u00e9rabilit\u00e9s selon la CISA<\/h2>\n\n\n\n<p>Aux Etats-Unis, la Cybersecurity and Infrastructure Security Agency (CISA) publie r\u00e9guli\u00e8rement des bulletins listant les vuln\u00e9rabilit\u00e9s jug\u00e9es les plus critiques pour les infrastructures nationales.<\/p>\n\n\n\n<p>Ce <strong>classement CISA<\/strong> distingue 3 cat\u00e9gories :<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Urgent (10 jours max pour patcher)<\/li><li>\u00c9lev\u00e9 (30 jours)<\/li><li>Moyen (90 jours)<\/li><\/ul>\n\n\n\n<p>Bien que centr\u00e9 sur les services essentiels (\u00e9nergie, eau, transport&#8230;), ce classement fournit un \u00e9clairage pr\u00e9cieux pour tout RSSI souhaitant prioriser ses plans d&rsquo;actions.<\/p>\n\n\n\n<p>En France, l&rsquo;ANSSI publie \u00e9galement des bulletins de veille listant les vuln\u00e9rabilit\u00e9s n\u00e9cessitant un traitement prioritaire.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Analyse MITRE ATT&amp;CK des vuln\u00e9rabilit\u00e9s<\/h2>\n\n\n\n<p>Le framework MITRE ATT&amp;CK est progressivement devenu un standard dans l&rsquo;analyse des cybermenaces.<\/p>\n\n\n\n<p>Cette matrice, maintenue par des experts en s\u00e9curit\u00e9 offensive, d\u00e9crit l&rsquo;ensemble des <strong>tactiques et techniques<\/strong> utilis\u00e9es lors d&rsquo;une cyberattaque.<\/p>\n\n\n\n<p>ATT&amp;CK permet d&rsquo;enrichir les vuln\u00e9rabilit\u00e9s avec deux indicateurs essentiels pour l&rsquo;\u00e9valuation des risques :<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Potentiel d&rsquo;acc\u00e8s initial<\/strong> au syst\u00e8me d&rsquo;information<\/li><li><strong>Potentiel de contr\u00f4le \u00e0 distance<\/strong> en cas d&rsquo;exploitation<\/li><\/ul>\n\n\n\n<p>Ces indicateurs ATT&amp;CK compl\u00e8tent utilement une analyse de type CVSS centr\u00e9e sur les aspects techniques. Ils aident le RSSI \u00e0 prioriser les vuln\u00e9rabilit\u00e9s offrant une porte d&rsquo;entr\u00e9e attractive aux attaquants dans le SI.<\/p>\n\n\n\n<p>L&rsquo;application SCUBA int\u00e8gre par exemple ce moteur d&rsquo;analyse MITRE ATT&amp;CK des vuln\u00e9rabilit\u00e9s.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Passer d&rsquo;une logique CVSS \u00e0 une logique de risques m\u00e9tier<\/h2>\n\n\n\n<p>Les indicateurs CVSS, CISA et MITRE ATT&amp;CK apportent un \u00e9clairage essentiel pour hi\u00e9rarchiser les vuln\u00e9rabilit\u00e9s et d\u00e9finir des priorit\u00e9s d&rsquo;action.<\/p>\n\n\n\n<p>Cependant, ces aspects techniques ne suffisent pas. L&rsquo;analyse de risques doit int\u00e9grer la dimension m\u00e9tier de chaque vuln\u00e9rabilit\u00e9 :<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Quelles sont les <strong>probabilit\u00e9s de survenue<\/strong> ? D\u00e9tectabilit\u00e9 de la faille, facilit\u00e9 d&rsquo;exploitation, motivation et capacit\u00e9 estim\u00e9e des attaquants&#8230;<\/li><li>Quels seraient les <strong>impacts business<\/strong> ? Indisponibilit\u00e9 de services critiques, atteintes \u00e0 la r\u00e9putation, vols de donn\u00e9es sensibles&#8230;<\/li><\/ul>\n\n\n\n<p>Ce n&rsquo;est qu&rsquo;en croisant ces diff\u00e9rentes dimensions qu&rsquo;un RSSI pourra r\u00e9ellement orienter les investissements de s\u00e9curit\u00e9 vers les enjeux les plus importants de l&rsquo;entreprise.<\/p>\n\n\n\n<p>Une bonne connaissance des risques m\u00e9tier et une analyse multicrit\u00e8res des vuln\u00e9rabilit\u00e9s sont donc indispensables pour une strat\u00e9gie efficace d&rsquo;optimisation des d\u00e9penses de cybers\u00e9curit\u00e9 !<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Face \u00e0 la recrudescence des cybermenaces, les RSSI doivent analyser finement les vuln\u00e9rabilit\u00e9s pour \u00e9valuer correctement leur niveau de criticit\u00e9 et hi\u00e9rarchiser les actions de rem\u00e9diation. Plusieurs indicateurs et standards permettent d&rsquo;enrichir une vuln\u00e9rabilit\u00e9 au-del\u00e0 de sa simple criticit\u00e9 technique mesur\u00e9e par le CVSS. Le score de vuln\u00e9rabilit\u00e9 CVSS Le score CVSS (Common Vulnerability Scoring [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[35],"tags":[],"class_list":["post-497","post","type-post","status-publish","format-standard","hentry","category-technologies-et-cybersecurite"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[],"version":6}},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Les indicateurs de vuln\u00e9rabilit\u00e9s - Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique<\/title>\n<meta name=\"description\" content=\"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique Technologies et Cybers\u00e9curit\u00e9 - cybersecurite cybersecurity scuba chemin attaque Attack Path Management intrusion\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Les indicateurs de vuln\u00e9rabilit\u00e9s - Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique\" \/>\n<meta property=\"og:description\" content=\"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique Technologies et Cybers\u00e9curit\u00e9 - cybersecurite cybersecurity scuba chemin attaque Attack Path Management intrusion\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/\" \/>\n<meta property=\"og:site_name\" content=\"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-29T14:27:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-11-29T15:07:14+00:00\" \/>\n<meta name=\"author\" content=\"Fabian OSMOND\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CYBI_CYBER\" \/>\n<meta name=\"twitter:site\" content=\"@CYBI_CYBER\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fabian OSMOND\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/\"},\"author\":{\"name\":\"Fabian OSMOND\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#\\\/schema\\\/person\\\/3060713e028a83bbb248dba4763b3947\"},\"headline\":\"Les indicateurs de vuln\u00e9rabilit\u00e9s\",\"datePublished\":\"2023-11-29T14:27:27+00:00\",\"dateModified\":\"2023-11-29T15:07:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/\"},\"wordCount\":732,\"publisher\":{\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#organization\"},\"articleSection\":[\"Technologies et Cybers\u00e9curit\u00e9\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/\",\"url\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/\",\"name\":\"Les indicateurs de vuln\u00e9rabilit\u00e9s - Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#website\"},\"datePublished\":\"2023-11-29T14:27:27+00:00\",\"dateModified\":\"2023-11-29T15:07:14+00:00\",\"description\":\"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique Technologies et Cybers\u00e9curit\u00e9 - cybersecurite cybersecurity scuba chemin attaque Attack Path Management intrusion\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/2023\\\/11\\\/29\\\/les-indicateurs-de-vulnerabilites\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.cybi.fr\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Les indicateurs de vuln\u00e9rabilit\u00e9s\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#website\",\"url\":\"https:\\\/\\\/www.cybi.fr\\\/\",\"name\":\"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique\",\"description\":\"Cybi - Cybersecurity Intelligence\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.cybi.fr\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#organization\",\"name\":\"Cybi\",\"url\":\"https:\\\/\\\/www.cybi.fr\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.cybi.fr\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/Standard-2.png\",\"contentUrl\":\"https:\\\/\\\/www.cybi.fr\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/Standard-2.png\",\"width\":2852,\"height\":1075,\"caption\":\"Cybi\"},\"image\":{\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/CYBI_CYBER\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/cybi\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.cybi.fr\\\/#\\\/schema\\\/person\\\/3060713e028a83bbb248dba4763b3947\",\"name\":\"Fabian OSMOND\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/baa57700c10599330d27935edd14942cc7b498f6b563987f42915bb50101cad7?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/baa57700c10599330d27935edd14942cc7b498f6b563987f42915bb50101cad7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/baa57700c10599330d27935edd14942cc7b498f6b563987f42915bb50101cad7?s=96&d=mm&r=g\",\"caption\":\"Fabian OSMOND\"},\"url\":\"https:\\\/\\\/www.cybi.fr\\\/index.php\\\/author\\\/fosmond\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Les indicateurs de vuln\u00e9rabilit\u00e9s - Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique","description":"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique Technologies et Cybers\u00e9curit\u00e9 - cybersecurite cybersecurity scuba chemin attaque Attack Path Management intrusion","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/","og_locale":"fr_FR","og_type":"article","og_title":"Les indicateurs de vuln\u00e9rabilit\u00e9s - Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique","og_description":"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique Technologies et Cybers\u00e9curit\u00e9 - cybersecurite cybersecurity scuba chemin attaque Attack Path Management intrusion","og_url":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/","og_site_name":"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique","article_published_time":"2023-11-29T14:27:27+00:00","article_modified_time":"2023-11-29T15:07:14+00:00","author":"Fabian OSMOND","twitter_card":"summary_large_image","twitter_creator":"@CYBI_CYBER","twitter_site":"@CYBI_CYBER","twitter_misc":{"\u00c9crit par":"Fabian OSMOND","Dur\u00e9e de lecture estim\u00e9e":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/#article","isPartOf":{"@id":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/"},"author":{"name":"Fabian OSMOND","@id":"https:\/\/www.cybi.fr\/#\/schema\/person\/3060713e028a83bbb248dba4763b3947"},"headline":"Les indicateurs de vuln\u00e9rabilit\u00e9s","datePublished":"2023-11-29T14:27:27+00:00","dateModified":"2023-11-29T15:07:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/"},"wordCount":732,"publisher":{"@id":"https:\/\/www.cybi.fr\/#organization"},"articleSection":["Technologies et Cybers\u00e9curit\u00e9"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/","url":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/","name":"Les indicateurs de vuln\u00e9rabilit\u00e9s - Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique","isPartOf":{"@id":"https:\/\/www.cybi.fr\/#website"},"datePublished":"2023-11-29T14:27:27+00:00","dateModified":"2023-11-29T15:07:14+00:00","description":"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique Technologies et Cybers\u00e9curit\u00e9 - cybersecurite cybersecurity scuba chemin attaque Attack Path Management intrusion","breadcrumb":{"@id":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.cybi.fr\/index.php\/2023\/11\/29\/les-indicateurs-de-vulnerabilites\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.cybi.fr\/"},{"@type":"ListItem","position":2,"name":"Les indicateurs de vuln\u00e9rabilit\u00e9s"}]},{"@type":"WebSite","@id":"https:\/\/www.cybi.fr\/#website","url":"https:\/\/www.cybi.fr\/","name":"Cybi - Solutions innovantes de Cybers\u00e9curit\u00e9 bas\u00e9es sur de l&#039;intelligence artificielle et de l&#039;apprentissage automatique","description":"Cybi - Cybersecurity Intelligence","publisher":{"@id":"https:\/\/www.cybi.fr\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cybi.fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.cybi.fr\/#organization","name":"Cybi","url":"https:\/\/www.cybi.fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.cybi.fr\/#\/schema\/logo\/image\/","url":"https:\/\/www.cybi.fr\/wp-content\/uploads\/2022\/05\/Standard-2.png","contentUrl":"https:\/\/www.cybi.fr\/wp-content\/uploads\/2022\/05\/Standard-2.png","width":2852,"height":1075,"caption":"Cybi"},"image":{"@id":"https:\/\/www.cybi.fr\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CYBI_CYBER","https:\/\/www.linkedin.com\/company\/cybi\/"]},{"@type":"Person","@id":"https:\/\/www.cybi.fr\/#\/schema\/person\/3060713e028a83bbb248dba4763b3947","name":"Fabian OSMOND","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/baa57700c10599330d27935edd14942cc7b498f6b563987f42915bb50101cad7?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/baa57700c10599330d27935edd14942cc7b498f6b563987f42915bb50101cad7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/baa57700c10599330d27935edd14942cc7b498f6b563987f42915bb50101cad7?s=96&d=mm&r=g","caption":"Fabian OSMOND"},"url":"https:\/\/www.cybi.fr\/index.php\/author\/fosmond\/"}]}},"jetpack_featured_media_url":"","uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false},"uagb_author_info":{"display_name":"Fabian OSMOND","author_link":"https:\/\/www.cybi.fr\/index.php\/author\/fosmond\/"},"uagb_comment_info":0,"uagb_excerpt":"Face \u00e0 la recrudescence des cybermenaces, les RSSI doivent analyser finement les vuln\u00e9rabilit\u00e9s pour \u00e9valuer correctement leur niveau de criticit\u00e9 et hi\u00e9rarchiser les actions de rem\u00e9diation. Plusieurs indicateurs et standards permettent d&rsquo;enrichir une vuln\u00e9rabilit\u00e9 au-del\u00e0 de sa simple criticit\u00e9 technique mesur\u00e9e par le CVSS. Le score de vuln\u00e9rabilit\u00e9 CVSS Le score CVSS (Common Vulnerability Scoring\u2026","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/posts\/497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/comments?post=497"}],"version-history":[{"count":2,"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/posts\/497\/revisions"}],"predecessor-version":[{"id":500,"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/posts\/497\/revisions\/500"}],"wp:attachment":[{"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/media?parent=497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/categories?post=497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybi.fr\/index.php\/wp-json\/wp\/v2\/tags?post=497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}