Abstract

This chapter outlines the building blocks of a vulnerability management program and discusses the factors required for maintaining an effective program. Vulnerability management is best defined as the overall process of managing the risk presented to an enterprise due to vulnerabilities, whether they are software or hardware related. Vulnerability management ties directly into vulnerability discovery and vulnerability assessment in many ways, and depends greatly on the patch management process as well. Vulnerability management also includes the grouping of security practices and processes which assist in managing security liabilities, allowing you to integrate vulnerability management into existing information security and IT workflows. Planning a vulnerability management program is no different from planning for any other project or program. The plan should clearly articulate its intent and relevance to the business. A vulnerability management plan consists of six stages: identification, assessment, remediation, reporting, improvement of the vulnerability management program, and monitoring of software and hardware vulnerabilities.
