Please enable JavaScript.
Coggle requires JavaScript to display documents.
Information security Vulnerability Management Report (Remediation…
Information security Vulnerability Management Report
Configure Tools to Perform Scans According to Specification
Determine scanning criteria
Scope
Credentialed vs. non-credentialed
Vulnerability feed
Types of data
Sensitivity levels
Server-based vs. agent-based
Tool Updates/Plug-ins
SCAP
Permissions and Access
Remediation
Prioritizing
Difficulty of Implementation
Criticality
Communication/Change Control
Sandboxing/testing
Inhibitors to remediation
SLAs
Organizational governance
Business process interruption
Degrading functionality
MOUs
Generate Reports
Automated vs. Manual Distribution
Identification of Requirements
Corporate policy
Data classification
Regulatory environments
Asset inventory
Critical
Non-critical
Establish Scanning Frequency
Regulatory requirements
Technical constraints
Risk appetite
Workflow
Execute Scanning
Ongoing Scanning and Continuous Monitoring