Build vs Buy: Pitfalls on the Path to Vulnerability Management Maturity

As you continue down the path of VM maturity, you will undoubtedly find that manual VM workflows are bottlenecks preventing your program from scaling and moving quickly enough to meet your objectives. You might even consider building your own VM platform internally to automate some of these bottlenecks. Let us stop you right there.

We’ve seen it a million times. Proprietary in-house software, or homegrown vulnerability management solutions, tend to be clunky and immature, consisting of little more than a database and primitive user interface. They’re often difficult, time-consuming, and expensive to maintain, while seldom meeting the needs of the organization or scaling sufficiently to meet increasing demand. What starts as an attempt to ease bottlenecks and control expense, almost always spirals into a bigger headache and larger spending-vehicle than imagined.

How do we know? Because we’ve built them. In this talk, Nucleus co-founders Scott Kuffer and Steve Carter will explore the pitfalls on the path to VM maturity, with insights into why DIY is seldom the best course of action, and how we’ve seen the tactic go horribly wrong