Get Started With Vulnerability Management

Here is a summary of what you need to know before starting a threat and vulnerability management program.

Regardless of the type or complexity of the cybersecurity control or program you are planning to implement or enhance, remember these three dimensions:

Process, People, Technology.

  • Process: includes the processes the policies, processes, procedures, standards and documentation that will dictate the what/why/how/who/when/where related to your control.
  • People: are the resources that will help you achieve your goals.
  • Technology: are the tools that will facilitate the implementation l, the management of your controls but also the one ones that will provide the capabilities to me force the controls.

Gain visibility on your assets

The most important element in vulnerability management and security in general is asset management and information governance.

In this case, when working on a vulnerability management program, you need to have visibility on all the organizations’ assets, because you can’t protect what you’re not aware of.


How to create a patch and vulnerability management program by NIST.



Have a RACI matrix that defines who should do what to help keep the asset owners accountable.


Check this great article about the “Top Vulnerability Management Tools” compiled by OWASP.


Let me know if you find this helpful, and feel free to share any other topics you want me to write or demonstrate.




Cybersecurity Professional, Lecturer, Cryptographer, Martial Artist.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Infographic: What data do tech companies really collect?

Trezor Suite Install

Changing the Uncontrolled Release of Offensive Tools (OSTs)

Stay Safe Online: Boost Your Business Website Security

How to recover what you lost to fake investment websites, pig butchering scams and exit scams.

How-to guide to set up your own domain name Email

This day in history

Special Earn Crypto Promo: Refer A Friend & Get Rewarded!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Seif Hateb

Seif Hateb

Cybersecurity Professional, Lecturer, Cryptographer, Martial Artist.

More from Medium

Log4j Vulnerability Explained

NMAP- A Complete Guide 2

Vulnhub: RED: 1 (Walkthrough)

Authentication Basic in 3 minutes