Vulnerability Management (Remediation (Network Vulnerabilities (DNS,…
1.) Sync remediation and maintenance schedule
- Scheduling an emergency maintenance window for critical findings.
2.) Choose a risk-based remediation
- Scan first the important assets
- Set a sensible scanning schedule
4.) Installation and Configuration of tools
- Configure tools based on the requirements.
- Configure to avoid too much false positives.
5.) Define Business Risk
- Categorize business asset based on risk.
- Rank Group of assets based on importance.
- Continuous learning. Online courses
7.) Know the resources
- Understand what the environment is.
- Know the assets.
- Know who is responsible for those assets.
8.) No Hoarding
- Explain the seriouness of the findings
9.) Document Everthing
- Everybody know's what to do.
10.) Who's who?
- Who is the contact person for a specific problem.