Effective vulnerability management (VM) requires more than just identifying and reporting on vulnerabilities. In order to succeed, programs need to provide clear, actionable, concise findings in a format that is familiar to those who will be acting on this information. Findings must also be integrated into existing business processes and include the proper context to streamline processes related to VM. Both VM and VM-related processes must be well-defined, proactive, and consistent. Finally, organizations need to understand what changes may be needed to deal with public, hybrid, and private cloud services along with new operational paradigms (e.g. DevOps), and how these new services and operational processes can help organizations improve vulnerability management.
In this webcast, we will examine common anti-patterns for effective vulnerability management and discuss new opportunities and strategies for overcoming these problems.
This webcast is based on the new SANS class, MGT516: Managing Security Vulnerabilities: Enterprise and Cloud. The primary goal of this course is to equip those responsible for managing the infrastructure and application vulnerabilities with strategies and solutions that overcome the challenges and stumbling blocks they may encounter. By understanding the problem and potential solutions, participants will be better prepared to meet this challenge and determine what might work for their organization.