Vulnerability Management

What can vulnerability management do for your organization?

Vulnerability assessments are technical reviews using non-invasive technologies such as port scanners and information gathering tools to obtain information about an organization’s technical defenses. After documenting and reporting this information, senior management can either decide to implement new security countermeasures or accept the risk.

  • Gather information using vulnerability scanning and information gathering tools.

  • Prepare a comprehensive port of vulnerability findings and the potential of exploitation.

  • Upon review of report by management, negotiate terms of engagement for penetration testing.

  • Conduct invasive security penetration testing to determine actual exploitability of known vulnerabilities. 

What are the steps of vulnerability management?

  • Identifying vulnerabilities by conducting scanning or examining existing scan reports. 

  • Prioritizing vulnerabilities by degree of criticality and potential impact on business. 

  • Mapping vulnerabilities to administrative and technical controls based on cost and risk. 

  • Assist with the implementation of technical and administrative policies to mitigate vulnerabilities.