1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IDG Contributor Network: How to build a top-notch vulnerability management program

Discussion in 'CSO' started by RSS, Jan 29, 2016.

  1. RSS

    RSS New Member Member

    A good vulnerability assessment program has many elements including risk prioritized endpoint groups and scheduled vulnerability scans followed by result reviews. However what differentiates a good program from a great program is a strong integration of the vulnerability management program with other key business and technical systems and processes.

    A truly powerful and great vulnerability program will tie into three of these critical systems and business processes.

    • Inventory management
    • Patch management
    • Application security
    • Risk management
    Inventory management

    A good vulnerability management system requires a good inventory system. If the systems to be scanned do not show up on the inventory management system then the system will not show up on the vulnerability scans and consequently will not be patched. So before moving along too far ahead in the vulnerability program it is good to stop and evaluate the coverage of the inventory management tool.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page