Vulnerability Management

First, let’s get the formal definition out of the way: Vulnerability management, in cyber security terms, refers to the continuous process of identifying, assessing, prioritising, and mitigating security vulnerabilities within an organisation’s systems and networks.

In practical terms, vulnerability management encompasses the activities that organisations take to reduce the risks associated with cyber incidents.

At one end of the spectrum, this may simply be a case of implementing an effective patch management policy. Although this approach is far from comprehensive, it is an important step to take as a line of defence.

Patch management may not cover two important areas:

Updates to devices such as switches, routers, firewalls and printers.
Security misconfigurations. Just because software is up to date, this doesn’t mean it is configured in a secure manner.

Vulnerability scanners, which maybe open source or commercial, can be used to identify vulnerabilities in a range of networked devices and equipment, and can also identify security misconfigurations.

A comprehensive vulnerability management program would begin by identifying an organisation’s assets, scanning these for vulnerabilities, triaging vulnerable systems to set priorities for remediation and then carrying out the remediation. This isn’t a one-off activity. Vulnerability management at this level, involves continuous monitoring, assessment and remediation.

Whatever the initial approach you decide to take, we can help you.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.