))
4 - Vulnerability Management
Manage episode 426799857 series 3578204
Contenu fourni par Kratos. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Kratos ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Vulnerabilities are everywhere and on every IT asset within an organization. This makes vulnerability management one of the most important – if not the most important – risk mitigation activities an organization undertakes. But, the complexities inherent in many organizations combined with the sheer number of vulnerabilities leaves many not knowing where to even begin when it comes to vulnerability management. On today’s episode, we’ll demystify vulnerability management by defining some context, outlining an effective vulnerabilities management program, discussing potential challenges, tying it all to compliance, and decoupling vulnerability management from the inherent complexities.
Today’s guest is Andrew Overmyer, Security Assessor, subject matter expert, and general cybersecurity jack-of-all-trades at Kratos. During our conversation, we distill this often-nebulous concept into the concrete tenets necessary to build an effective program to drive vulnerability remediation efforts.
Resources:
· The Core Tenets of Vulnerability Management
o Asset Management: a tool or set of tools accompanied by a process that build and maintain an accurate asset inventory; an asset inventory must include but not be limited to network segments and IT assets across all types
o Patch Management: a tool or set of tools accompanied by a process that supports identifying and applying patches
o Vulnerability Scanning: a tool or set of tools accompanied by a process that support identifying vulnerabilities on IT assets; vulnerability scans must be run with credentials, to the greatest extent possible, to fully identify vulnerabilities present
o Compliance Scanning: a tool or set of tools accompanied by a process that support identifying misconfigurations on IT assets; misconfigurations are deviations from a defined baseline (e.g., Center for Internet Security benchmarks)
· Vulnerability Scanning Schedule
o Daily: Asset scans to identify assets on the network; these are not vulnerability scans, but rather simple scans to identify assets on the network
o Weekly: Vulnerability scans of all assets on the network
o Monthly: Compliance scans of all applicable assets on the network
· CVSS: Common Vulnerability Scoring System Version 4.0
· EPSS: Exploit Prediction Scoring System
· SSVC: Stakeholder-Specific Vulnerability Categorization
7 episodes
Partager
