Designing a Vulnerability Management Program - Coggle Diagram
Designing a Vulnerability Management Program
Identifying Vulnerability Management Requirements
Regulatory Environment
Payment Card Industry Data Security Standard (PCI DSS)
Federal Information Security Management Act (FISMA)
Identifying Scan Targets
Determining Scan Frequency
Active vs. Passive Scanning
Active
The tool actually interacts with the scanned host to identify open services and check for possible vulnerabilities.
Passive
Passive scanners monitor network traffic, similar to the technique used by intrusion detection systems, without sending packets to the hosts.
Configuring and Executing Vulnerability Scans
Configuring Vulnerability Scans
Scan Sensitivity Levels
Supplementing Network Scans
Credentialed scans
Credentials allow the scanner to log in to the target server and retrieve configuration information directly.
Credentialed scans may access operating systems, databases, and applications, among other sources.
Noncredentialed scans
Scan Perspective
Scanner Maintenance
Scanner Software
Vulnerability Plug-in Feeds
Developing a Remediation Workflow
Prioritizing Remediation
Testing and Implementing Fixes
Delayed Remediation Options
There are two options for dealing with this issue:
First: implement a compensating control.
Second: decide that the risk is acceptable and continue business as usual.
Overcoming Risks of Vulnerability Scanning
Service Degradations
Customer Commitments
Memorandums of understanding (MOUs)
Service-level agreements (SLAs)
IT Governance and Change Management Processes
Vulnerability Scanning Tools