Vulnerability Management Lifecycle
The VM lifecycle is the repeating series of stages by which an organization identifies, prioritizes, and remediates vulnerabilities (weaknesses an attacker could exploit), and then verifies that each remediation actually took effect. The six stages below follow the common Discover, Prioritize Assets, Assess, Report, Remediate, Verify model.
Discover: detect and interrogate system assets
- Devices, platforms, applications, and the software installed on each
- Identify every asset that needs to be monitored
- The intent is to ensure no vulnerable device is overlooked; an asset that is not in the inventory is never scanned
Prioritize Assets: determine the priority of the discovered assets
- Which assets are most business-critical?
- Which assets require immediate attention?
- Helps focus limited resources on the assets that matter most
Patching all assets at once is rarely feasible, so collaborate with asset owners and stakeholders to agree on asset priorities before scanning and remediation begin.
Assess: determine whether a vulnerability exists on an asset
- Compare each asset (and its installed software versions) against known vulnerabilities
- Assign a risk score (CVSS, VRT, etc.) to each finding, weighted by the asset's priority
Report: present assets and their vulnerabilities so findings can be reviewed
- Combine the discovered assets with the identified vulnerabilities
- Usually grouped by priority, location, owner, etc.
- Tailor reports for different audiences (engineers need hosts and fixes; management needs risk and trends)
Remediate: take action on a vulnerability
- Apply patches or upgrades
- Put compensating controls in place when a patch is not available or cannot be applied yet
- Formally accept the risk, with a documented owner and justification
Verify: confirm that the remediation was successful and effective
- Rescan: was the vulnerability actually resolved, or did the patch fail or fall short?
- Is further action needed, and did the change expose anything new?
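The Assess, Prioritize, Report, Remediate, and Verify stages above can be exercised end to end in a few dozen lines. The script below is an added example, not code from the original page; the asset inventory, the vulnerability feed (placeholder IDs such as SAMPLE-0001, not real CVEs), the version numbers, and the "CVSS times asset criticality" priority formula are all constructed assumptions for illustration. It shows why the Verify stage is not optional: a patch that was deployed but did not reach the fixed version is still reported as open, and a feed update can surface a new finding on an asset that was just fixed.

```python
"""Added example: a minimal vulnerability management loop (Assess, Prioritize,
Report, Remediate, Verify) over a constructed inventory and feed."""
import copy
from dataclasses import dataclass


def parse_version(v: str) -> tuple:
    """'1.2.10' -> (1, 2, 10) so that versions compare numerically, not as text."""
    return tuple(int(p) for p in v.split("."))


# Constructed inventory (assumed): asset -> business criticality (1-5) and software.
ASSETS = {
    "web-01":  {"criticality": 5, "software": {"nginx": "1.18.0", "openssh": "8.2"}},
    "db-01":   {"criticality": 5, "software": {"postgres": "12.3"}},
    "kiosk-7": {"criticality": 1, "software": {"nginx": "1.18.0"}},
}

# Constructed vulnerability feed (assumed): placeholder IDs, not real CVEs.
VULN_FEED = [
    {"id": "SAMPLE-0001", "product": "nginx",    "fixed_in": "1.20.1", "cvss": 7.5},
    {"id": "SAMPLE-0002", "product": "openssh",  "fixed_in": "8.5",    "cvss": 9.8},
    {"id": "SAMPLE-0003", "product": "postgres", "fixed_in": "12.4",   "cvss": 6.5},
    {"id": "SAMPLE-0004", "product": "nginx",    "fixed_in": "1.16.0", "cvss": 5.0},  # already fixed
]


@dataclass
class Finding:
    asset: str
    vuln_id: str
    product: str
    installed: str
    fixed_in: str
    cvss: float
    criticality: int
    status: str = "open"  # open | patched | mitigated | accepted

    @property
    def priority(self) -> float:
        # Assumed scoring: CVSS weighted by asset criticality, so a 7.5 on a
        # critical asset outranks the same 7.5 on a low-value kiosk.
        return round(self.cvss * self.criticality, 1)


def assess(assets: dict, feed: list) -> list:
    """Assess: match each installed product against the feed by version range."""
    findings = []
    for name, info in assets.items():
        for vuln in feed:
            installed = info["software"].get(vuln["product"])
            if installed is None:
                continue  # product not present on this asset
            if parse_version(installed) < parse_version(vuln["fixed_in"]):
                findings.append(Finding(name, vuln["id"], vuln["product"], installed,
                                        vuln["fixed_in"], vuln["cvss"], info["criticality"]))
    return findings


def prioritize(findings: list) -> list:
    """Prioritize: highest weighted score first, asset name as a tie-breaker."""
    return sorted(findings, key=lambda f: (-f.priority, f.asset))


def report(findings: list) -> str:
    """Report: one line per finding, grouped by descending priority."""
    lines = [f"{'prio':>5}  {'asset':<8} {'vuln':<12} {'product':<9} installed -> fixed_in  status"]
    for f in prioritize(findings):
        lines.append(f"{f.priority:>5}  {f.asset:<8} {f.vuln_id:<12} {f.product:<9} "
                     f"{f.installed} -> {f.fixed_in}  {f.status}")
    return "\n".join(lines)


def remediate(assets: dict, finding: Finding, action: str, deployed: str = None) -> None:
    """Remediate: patch, add a compensating control, or accept the risk."""
    if action == "patch":
        if deployed is None:
            raise ValueError("patch requires the version that was actually deployed")
        assets[finding.asset]["software"][finding.product] = deployed
        finding.status = "patched"
    elif action == "mitigate":
        finding.status = "mitigated"  # compensating control in place; still detectable
    elif action == "accept":
        finding.status = "accepted"   # risk accepted by the asset owner; still detectable
    else:
        raise ValueError(f"unknown remediation action {action!r}")


def verify(assets: dict, feed: list, previous: list) -> dict:
    """Verify: rescan and compare against the previous findings.

    resolved   - patched findings no longer detected
    unresolved - findings marked patched that the rescan still detects
    new        - findings not seen in the previous cycle
    """
    current = {(f.asset, f.vuln_id) for f in assess(assets, feed)}
    before = {(f.asset, f.vuln_id): f for f in previous}
    return {
        "resolved":   [k for k, f in before.items() if f.status == "patched" and k not in current],
        "unresolved": [k for k, f in before.items() if f.status == "patched" and k in current],
        "new":        [k for k in current if k not in before],
    }


def run_cycle() -> tuple:
    """One full cycle over the constructed data; returns (findings, verify result)."""
    assets, feed = copy.deepcopy(ASSETS), list(VULN_FEED)
    findings = prioritize(assess(assets, feed))
    by_key = {(f.asset, f.vuln_id): f for f in findings}
    remediate(assets, by_key[("web-01", "SAMPLE-0002")], "patch", deployed="8.5")
    remediate(assets, by_key[("db-01", "SAMPLE-0003")], "patch", deployed="12.3.1")  # fell short of 12.4
    remediate(assets, by_key[("web-01", "SAMPLE-0001")], "mitigate")
    remediate(assets, by_key[("kiosk-7", "SAMPLE-0001")], "accept")
    # Feed update between cycles (constructed): a new openssh issue above 8.5.
    feed.append({"id": "SAMPLE-0005", "product": "openssh", "fixed_in": "9.0", "cvss": 7.0})
    return findings, verify(assets, feed, findings)


if __name__ == "__main__":
    findings, result = run_cycle()
    print(report(findings))
    print(result)
```

In the run above, the db-01 ticket was closed as patched but the deployed version (12.3.1) is still below the fixed version, so `verify` lists it as unresolved rather than trusting the ticket; the feed update also produces a new finding on web-01 even though its previous finding was resolved. Mitigated and accepted findings remain visible to the scanner on purpose: the status lives in the tracking record, not in the scan result, so a compensating control that is later removed does not silently hide the exposure.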
Common challenges across the lifecycle
- Incomplete asset information: effective discovery requires both identifying each asset and knowing what is installed on it
- Incomplete asset lists: out-of-date inventories and mixed data sources prevent discovery from accounting for every asset, which undermines the risk evaluation
- Overwhelming scan data: prioritization keeps effort focused on the most critical assets and the most serious threats
- Organizational communication: frequent reports, dashboards, and notifications keep teams informed of the patches and updates they are responsible for
- Vulnerability identification: vulnerability data must be up to date, relevant, and drawn from authoritative sources
- Timely remediation: efforts must be timely, organized, and effective, with specific assignments and clear accountability
- Process tracking: verification confirms that remediation succeeded and that no new vulnerabilities were exposed in the process