Vulnerability, patch, and configuration management are not new security topics. In fact, they are some of the oldest security functions. Yet, we still struggle to manage these capabilities effectively. The quantity of outstanding vulnerabilities for most large organizations is overwhelming, and all organizations struggle to keep up with the never-ending onslaught of new vulnerabilities in their infrastructure and applications. When you add in the cloud and the increasing speed with which all organizations must deliver systems, applications, and features to both their internal and external customers, security may seem unachievable.
NEW POSTER!
Key Metrics: Cloud & Enterprise | Vulnerability Management Maturity Model
This new poster was developed by Jonathan Risto and AJ Yawn.
Key Metrics: Cloud and Enterprise delivers a set of essential metrics to generate, provide, and review with the Technical, Operational, and Executive partners of the organization. Providing both early-stage and advanced metrics, organizations can generate meaningful metrics across the Identify, Protect, Detect and Respond functions of their security programs.
The SANS Vulnerability Management Maturity Model helps you gauge the effectiveness of your Vulnerability Management program. The model details key activities performed within Vulnerability Management on a 5-point scale. Leveraging the model, you can categorize your program’s current capabilities to create a clear roadmap to improve your program.
Download your FREE copy here.
NEWS
Firms Push for CVE-Like Cloud Bug System
Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers
Researcher Releases PoC for Recent Java Cryptographic Vulnerability
2021 Top Routinely Exploited Vulnerabilities - A joint security bulletin coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom lists the top 15 exploited vulnerabilities in 2021
Cisco Vulnerability CVE-2022-20695
VMWARE Remote Code Execution (RCE) vulnerability
‘Groundbreaking’ CISA directive to overhaul cyber vulnerability management process
Can understanding flaws in malware help defenders prevent attacks?