Since 2014 the mission of Google’s Project Zero has been to make the Internet a more secure place through the discovery and responsible publishing of vulnerabilities. While Google works with vendors to ensure a patch is available before details of a vulnerability are released, nothing is actually made more secure until that patch is applied by the consumer. Patching for consumers is easy but seldom done while patching for enterprise is more complex, requiring planning and maintenance windows scheduled far in advance. Users remain vulnerable to a vulnerability that was not made public in the first place.
Managing vulnerabilities . . .