Audible Premium Plus. $0,99 USD al mes. durante los 3 primeros meses. ¡Obtén esta oferta! $14,95 al mes después de 3 meses. Cancela en cualquier momento. Esta oferta finaliza el 31 de julio, 2024 a las 11:59PM PT

4 - Vulnerability Management
Jul 2 2024
Duración: 52 m
Podcast

No se pudo agregar al carrito

Solo puedes tener X títulos en el carrito para realizar el pago.

Add to Cart failed.

Por favor prueba de nuevo más tarde

Error al Agregar a Lista de Deseos.

Por favor prueba de nuevo más tarde

Error al eliminar de la lista de deseos.

Por favor prueba de nuevo más tarde

Error al añadir a tu biblioteca

Por favor intenta de nuevo

Error al seguir el podcast

Intenta nuevamente

Error al dejar de seguir el podcast

Intenta nuevamente

4 - Vulnerability Management

Escúchala gratis

Ver detalles del espectáculo

Resumen
Vulnerabilities are everywhere and on every IT asset within an organization. This makes vulnerability management one of the most important – if not the most important – risk mitigation activities an organization undertakes. But, the complexities inherent in many organizations combined with the sheer number of vulnerabilities leaves many not knowing where to even begin when it comes to vulnerability management. On today’s episode, we’ll demystify vulnerability management by defining some context, outlining an effective vulnerabilities management program, discussing potential challenges, tying it all to compliance, and decoupling vulnerability management from the inherent complexities.

Today’s guest is Andrew Overmyer, Security Assessor, subject matter expert, and general cybersecurity jack-of-all-trades at Kratos. During our conversation, we distill this often-nebulous concept into the concrete tenets necessary to build an effective program to drive vulnerability remediation efforts.

Resources:

· The Core Tenets of Vulnerability Management

o Asset Management: a tool or set of tools accompanied by a process that build and maintain an accurate asset inventory; an asset inventory must include but not be limited to network segments and IT assets across all types

o Patch Management: a tool or set of tools accompanied by a process that supports identifying and applying patches

o Vulnerability Scanning: a tool or set of tools accompanied by a process that support identifying vulnerabilities on IT assets; vulnerability scans must be run with credentials, to the greatest extent possible, to fully identify vulnerabilities present

o Compliance Scanning: a tool or set of tools accompanied by a process that support identifying misconfigurations on IT assets; misconfigurations are deviations from a defined baseline (e.g., Center for Internet Security benchmarks)

· Vulnerability Scanning Schedule

o Daily: Asset scans to identify assets on the network; these are not vulnerability scans, but rather simple scans to identify assets on the network

o Weekly: Vulnerability scans of all assets on the network

o Monthly: Compliance scans of all applicable assets on the network

· CVSS: Common Vulnerability Scoring System Version 4.0

· EPSS: Exploit Prediction Scoring System

· SSVC: Stakeholder-Specific Vulnerability Categorization

Más Menos

Ciencia Política

Lo que los oyentes dicen sobre 4 - Vulnerability Management

Calificaciones medias de los clientes

Reseñas - Selecciona las pestañas a continuación para cambiar el origen de las reseñas.

Reseñas de Audible.com

Opiniones de Amazon

No hay comentarios disponibles

Denunciar una opinión en Amazon