Vulnerability Management is a practice that includes several functions:
- Identification of technical flaws
- Vetting of what was found to eliminate false positives and negatives
- Rationalization of the actions available
- Notification to the appropriate parties on the scope and priority of the flaws identified
- Tracking of fixes applied and mitigating controls implemented
- Management of escalations and exceptions (in coordination with the compliance group)
Some organizations manage internal software development vulnerabilities through the Software Development Lifecycle (SDLC).
There is still the question of how to manage all the devices and off-the-shelf applications that operate inside the network. Who is responsible for fixing the problems? Which applications take priority?
ProGloBix has experience defining, designing and implementing complex Vulnerability Management programs. Contact us for a consultation.