Abstract
Numerous tools are available that assist in vulnerability management. However, determining which tool(s) to leverage is not easy, because no one product can address all of the aspects of vulnerability management. Therefore, when deciding which vulnerability management tool(s) to use, it is important that you understand each tool's capabilities, and how the available tools work with each other. This chapter discusses the evaluation of vulnerability management tools along with several popular commercial tools (eEye Digital Security, Symantec (BindView), Attachmate (NetlQ), StillSecure, and McAfee) and open source tools (Information Resource Manager, Nmap, and Nessus). The perfect vulnerability management tool possesses capabilities for asset management, vulnerability assessment, configuration management, patch management, remediation, reporting, and monitoring, all working well together, and it would integrate well with third-party technologies. Ideally, the tool's asset management, vulnerability management, and patch management capabilities would work particularly well together. The chapter concludes with a discussion on some of the pros and cons of leveraging an outsourcer to manage parts of a vulnerability management program.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
