Vulnerability Management Program Development
According to Gartner, "Enterprises that implement a vulnerability management process will experience 90 percent fewer successful attacks."
Year after year, do the same vulnerabilities keep cropping up on your network? If so, you are a perfect candidate for Foundstone Vulnerability Management Program Development service. It is a well known fact that network vulnerability management is a never-ending process. Foundstone will help you develop a network vulnerability management life cycle to ensure that new vulnerabilities are quickly discovered and mitigated.
Foundstone builds a network vulnerability management program that will:
- Establish essential security controls
- Identify and eliminate causes of vulnerabilities
- Continuously monitor and detect your internal and external vulnerabilities
- Provide you with a documented process for the remediation of identified vulnerabilities
- Establish a vulnerability management policy for your organization
- Help you identify vulnerability owners and track the remediation status of the vulnerabilities
Successful network vulnerability management balances the demands of security against the demands of individual business units. It includes these eleven steps:
- Current policy review relative to generally recognized standards and compliance guidelines
- Asset inventory:
- By type
- By owner
- Specifications
- Data classification to create an asset criticality profile, which defines how important each asset is to your organization.
- Vulnerability assessment
- What and when
- Vulnerability classification
- Threat correlation
- Worms, exploits, wide-scale attacks, new vulnerabilities
- Correlation of high-profile threats with the most important assets
- Determination of risk level based on the intersection of assets, vulnerabilities, and threats so that you can put your focus and attention on truly critical risks
- Remediation
- Factoring the cost to remediate versus the cost to ignore
- Zeroing in on must-have remediations
- Metrics
- Accurate metrics for more informed and more effective management
- Evaluation of your current state of security measurement against current baselines and against ideal conditions (e.g., Six Sigma)
- Training
- Communication
- Definition of organizational roles and responsibilities
Foundstone first assesses your current network vulnerability management program in the eleven best practice areas. Based upon the gaps we identify, Foundstone builds a more comprehensive vulnerability management program that addresses areas of concern that we have identified in your existing program.
Click here to view a full datasheet about this service.
Contact us to learn how our security services can help you protect your most important assets today.
