Get Started With Vulnerability Management

Here is a summary of what you need to know before starting a threat and vulnerability management program.

Regardless of the type or complexity of the cybersecurity control or program you are planning to implement or enhance, remember these three dimensions:

Process, People, Technology.

  • Process: the policies, processes, procedures, standards and documentation that will dictate the what/why/how/who/when/where related to your control.
  • People: the resources that will help you achieve your goals.
  • Technology: the tools that will facilitate the implementation and management of your controls, as well as the ones that will provide the capabilities to enforce the controls.

Gain visibility on your assets

The most important element in vulnerability management and security in general is asset management and information governance.

When working on a vulnerability management program, you need visibility into all of the organization's assets, because you can't protect what you're not aware of.

Process

See the NIST guide on how to create a patch and vulnerability management program.

Link: https://www.nist.gov/publications/creating-patch-and-vulnerability-management-program

People

Have a RACI matrix that defines who should do what to help keep the asset owners accountable.

Technology

Check this great article about the “Top Vulnerability Management Tools” compiled by OWASP.

Link: https://owasp.org/www-community/Vulnerability_Scanning_Tools

Let me know if you find this helpful, and feel free to share any other topics you want me to write about or demonstrate.


Cybersecurity Professional, Lecturer, Cryptographer, Martial Artist.

Seif Hateb
