Vulnerability management
"Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities."[1] The practice generally refers to software vulnerabilities in computing systems, but it can also extend to organizational behavior and strategic decision-making processes.
Vulnerability Management for Applications Versus Hosts and Infrastructure
Host and infrastructure vulnerabilities can often be addressed by applying patches or changing configuration settings. Custom software or application-based vulnerabilities often require additional software development in order to fully mitigate. Technologies such as web application firewalls can be used in the short term to shield systems, but to address the root cause, changes must be made to the underlying software.
Managing Known Vulnerabilities Versus Unknown Vulnerabilities
Vulnerability scanners are the typical tools for identifying and classifying known vulnerabilities. They look for vulnerabilities that are known and reported by the security community and that the relevant vendors have typically already fixed with patches and security updates.
Zero-day vulnerabilities are problems that vulnerability scanners cannot detect and for which no patches or updates are yet available from vendors. The unknown vulnerability management process augments known vulnerability management by introducing tools and techniques such as network analyzers for mapping the attack surface and fuzzers for finding zero-day vulnerabilities.[2]
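As an added illustration, not part of the original article, of the identify-classify-remediate-mitigate cycle described above: a minimal known-vulnerability scan that matches a host's package inventory against an advisory feed and, where no vendor patch exists, falls back to a mitigating control. The package names, versions, advisory ids and the CVSS-style severity bands are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional
# Assumed CVSS-style severity bands as (floor score, label), highest first.
SEVERITY_BANDS = ((9.0, "critical"), (7.0, "high"), (4.0, "medium"), (0.0, "low"))

@dataclass
class Advisory:
    # Constructed advisory record; the ids are placeholders, not real CVE numbers.
    id: str
    package: str
    affected_min: str        # first affected version (inclusive)
    fixed_in: Optional[str]  # first fixed version, or None when no vendor patch exists yet
    cvss: float

def parse_version(v: str) -> tuple:
    """Turn '2.3.10' into (2, 3, 10) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in v.split("."))

def is_affected(installed: str, adv: Advisory) -> bool:
    """Known-vulnerability check: installed version lies in [affected_min, fixed_in)."""
    v = parse_version(installed)
    if v < parse_version(adv.affected_min):
        return False
    return adv.fixed_in is None or v < parse_version(adv.fixed_in)

def classify(cvss: float) -> str:
    return next(label for floor, label in SEVERITY_BANDS if cvss >= floor)

def scan(inventory: dict, advisories: list) -> list:
    """One pass of the cycle: identify affected packages, classify, choose remediate vs. mitigate."""
    findings = []
    for adv in advisories:
        installed = inventory.get(adv.package)
        if installed is None or not is_affected(installed, adv):
            continue
        if adv.fixed_in:  # vendor patch exists: remediate at the root
            action = f"remediate: upgrade {adv.package} to {adv.fixed_in}"
        else:             # no patch yet: shield the system until one ships
            action = "mitigate: no vendor patch; apply a compensating control"
        findings.append({"id": adv.id, "package": adv.package, "installed": installed,
                         "severity": classify(adv.cvss), "action": action})
    findings.sort(key=lambda f: [l for _, l in SEVERITY_BANDS].index(f["severity"]))  # most severe first
    return findings

# Constructed sample data: one host's package inventory and a three-entry advisory feed.
INVENTORY = {"webfw": "2.3.10", "imglib": "1.4.2", "sshd": "8.9.1"}
ADVISORIES = [
    Advisory("ADV-0001", "webfw", "2.0.0", "2.3.11", 9.8),  # affected, patch available
    Advisory("ADV-0002", "imglib", "1.4.0", None, 7.5),     # affected, no patch: mitigate
    Advisory("ADV-0003", "sshd", "7.0.0", "8.5.0", 6.1),    # already fixed on this host
]
```

Running `scan(INVENTORY, ADVISORIES)` yields two findings, the critical patchable one first and the unpatched one flagged for mitigation.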
References
- Foreman, P.: Vulnerability Management, page 1. Taylor & Francis Group, 2010. ISBN 978-1-4398-0150-5.
- Juuso, Anna-Maija and Takanen, Ari: Unknown Vulnerability Management. Codenomicon whitepaper, October 2010.