Risk-Based Approach to Vulnerability Remediation
Many companies have realized that annual vulnerability assessments just aren’t sufficient, and have moved to regular monthly or quarterly vulnerability scanning. While this has helped immensely by providing organizations with a much better understanding of their current security vulnerabilities, it has also created a significant challenge for the people responsible for fixing the vulnerabilities to decide what to fix and when.
This white paper will outline an approach that allows companies to “slice and dice” their vulnerability information in a much more effective fashion, allowing them to decide what to fix and when based on a well-defined methodology that is consistent, repeatable, and contextual for each company that adopts it.
The deliverables of this approach are to more quickly remediate vulnerabilities and to be able to report to the Board that risk is being mitigated in a timely, repeatable manner.
In this whitepaper we take a look at: