Vulnerability Management
In addition to monitoring and managing threats, assessment and management of vulnerabilities is the other major void that is commonly found post-assessment on an IT infrastructure. Conducting risk and software vulnerability assessments and management is a continuous life cycle that requires documented procedures for conducting assessments on the IT infrastructure and the IT assets that are vulnerable. Vulnerability assessments require strategies for handling software vulnerabilities throughout the organization, which accounts for a majority of the server and workstation vulnerabilities given the vulnerabilities found in operating system software for servers and workstations.
The software vulnerability window must always be kept in line with the organization's defined Software Vulnerability Standard for minimizing the vulnerability window caused by software vulnerabilities. An enterprise software vulnerability management strategy coupled with a software patch management solution is required. An automated software patch management system and solution may be required for organizations that have large quantities of production servers and workstations.
The results of a risk and vulnerability assessment typically require the organization to prioritize what vulnerabilities need to be addressed first by the organization. Many organizations are faced with limited budgets and thus must prioritize how they will spend funds on security initiatives and security countermeasures for identified threats and vulnerabilities. This is not an easy task and must be conducted with the security of the entire organization in mind. Then the organization can formulate a vulnerability management strategy that typically requires the elimination, mitigation, monitoring, and tracking of metrics.
Enterprise Vulnerability Management
Enterprise vulnerability management is a recurring process and requires documented procedures and guidelines so that compliance and conformance to the organization's policies and standards can be implemented properly. Vulnerability management typically contains the following processes:
- Discovery Perform an IT infrastructure and IT asset threat and vulnerability investigation.
- Prioritize Prioritize those vulnerabilities on production IT infrastructure assets based on their criticality to the organization and the Data Classification Standard.
- Mitigate Mitigate vulnerabilities via configuration updates, software patch updates, asset shielding behind firewalls, and/or patch installations.
- Maintain Conduct ongoing configuration management and provisioning.
- Monitor Continuously monitor the IT infrastructure and its IT assets by implementing procedures and guidelines for security management, reporting, and auditing.
- Baseline Conduct periodic baseline definitions for the IT assets, systems, and devices via assessments and continuous monitoring for security and software integrity.
Introduction to Assessing Network Vulnerabilities
- Introduction to Assessing Network Vulnerabilities
- What Security Is and Isnt
- Process for Assessing Risk
- Four Ways in Which You Can Respond to Risk
- Network Vulnerability Assessment
Foundations and Principles of Security
- Foundations and Principles of Security
- Basic Security Principles
- Security Requires Information Classification
- The Policy Framework
- The Role Authentication, Authorization, and Accountability Play in a Secure Organization
- Encryption
- Security and the Employee (Social Engineering)
Why Risk Assessment
- Why Risk Assessment
- Risk Terminology
- Laws, Mandates, and Regulations
- Risk Assessment Best Practices
- Understanding the IT Security Process
- The Goals and Objectives of a Risk Assessment
Risk-Assessment Methodologies
- Risk-Assessment Methodologies
- Risk-Assessment Terminology
- Quantitative and Qualitative Risk-Assessment Approaches
- Best Practices for Quantitative and Qualitative Risk Assessment
- Choosing the Best Risk-Assessment Approach
- Common Risk-Assessment Methodologies and Templates
Scoping the Project
- Scoping the Project
- Defining the Scope of the Assessment
- Reviewing Critical Systems and Information
- Compiling the Needed Documentation
- Making Sure You Are Ready to Begin
Understanding the Attacker
- Understanding the Attacker
- Who Are the Attackers?
- What Do Attackers Do?
- Reducing the Risk of an Attack
- How to Respond to an Attack
Performing the Assessment
- Performing the Assessment
- Introducing the Assessment Process
- Level I Assessments
- Level II Assessments
- Level III Assessments
Tools Used for Assessments and Evaluations
- Tools Used for Assessments and Evaluations
- A Brief History of Security Tools
- Putting Together a Toolkit
- Determining What Tools to Use
Preparing the Final Report
- Preparing the Final Report
- Preparing for Analysis
- Ranking Your Findings
- Building the Final Report
- Contents of a Good Report
- Determining the Next Step
- Audit and Compliance
Post-Assessment Activities
- Post-Assessment Activities
- IT Security Architecture and Framework
- Roles, Responsibilities, and Accountabilities
- Security Incident Response Team (SIRT)
- Vulnerability Management
- Training IT Staff and End Users
Appendix A. Security Assessment Resources
Appendix B. Security Assessment Forms
- Information Request Form
- Document Tracking Form
- Critical Systems and Information Forms
- Level II Assessment Forms
Appendix C. Security Assessment Sample Report
- Appendix C. Security Assessment Sample Report
- Notice
- Executive Summary
- Statement of Work
- Analysis
- Recommendations
- Conclusions
Appendix D. Dealing with Consultants and Outside Vendors
- Appendix D. Dealing with Consultants and Outside Vendors
- Procurement Terminology
- Typical RFP Procurement Steps
- Procurement Best Practices
Appendix E. SIRT Team Report Format Template
EAN: 2147483647
Pages: 138
