Vulnerability Management Lifecycle

The VM Lifecycle is the process, a series of critical stages, for identifying and remediating vulnerabilities and weaknesses before the discovered findings can be attacked or exploited.

Discovery

Detect and interrogate system assets
  • Devices, platforms, applications
Identify all assets
  • Identify assets that need to be monitored
  • The intent is to ensure no vulnerable devices are overlooked

Prioritize Assets

Determines the priority of discovered assets
  • What assets are most business-critical?
  • What assets require immediate attention?
  • Helps focus resources
Patching all assets at once is likely not feasible. Be sure to collaborate with asset owners and stakeholders to determine asset priorities.

Assess

Determines if a vulnerability exists in the system
  • Compares assets to known vulnerabilities
  • Determine a risk score (CVSS, VRT, etc.)

Reporting

Presents assets and vulnerabilities in a form that lets stakeholders review the findings
  • Compile discovery results with the identified vulnerabilities
  • Usually categorized by priority, location, etc.
  • Tailor reports for various audiences

Remediate

Takes action on a vulnerability
  • Apply patches
  • Initiate compensating controls
  • Accept the vulnerability/risk

Verify

Verifies that a remediation was successful or effective
  • Was the vulnerability resolved?
  • Is further action needed?
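
As an added example (not part of the original page), the stages above run on a constructed inventory: assess matches each asset's software versions against a known-vulnerability list, prioritize weights the CVSS score by asset criticality, remediate records a patch, and verify re-assesses the finding. Host names, product versions, advisory ids and scores are all constructed placeholders, not real advisories.

```python
# Added example: a minimal Assess -> Prioritize -> Remediate -> Verify pass.
# All data below is constructed for illustration; ids are not real advisories.

# Known-vulnerability list keyed by (product, version) -> [(advisory id, CVSS base score)]
KNOWN_VULNS = {
    ("openssh", "8.9"): [("VULN-A", 7.5)],
    ("nginx", "1.18"): [("VULN-B", 5.3), ("VULN-C", 9.8)],
    ("postgres", "14.2"): [],
}

# Asset inventory with business criticality agreed with asset owners (1 = low, 3 = critical)
ASSETS = [
    {"host": "db-01",  "criticality": 3, "software": {"postgres": "14.2", "openssh": "8.9"}},
    {"host": "web-01", "criticality": 2, "software": {"nginx": "1.18", "openssh": "8.9"}},
    {"host": "lab-07", "criticality": 1, "software": {"nginx": "1.18"}},
]

def assess(assets, known_vulns):
    """Assess: compare each asset's software versions to the known-vulnerability list."""
    findings = []
    for asset in assets:
        for product, version in asset["software"].items():
            for vuln_id, cvss in known_vulns.get((product, version), []):
                findings.append({"host": asset["host"], "product": product,
                                 "vuln": vuln_id, "cvss": cvss,
                                 "criticality": asset["criticality"]})
    return findings

def prioritize(findings):
    """Prioritize: rank findings by CVSS weighted by asset criticality, highest first."""
    return sorted(findings, key=lambda f: f["cvss"] * f["criticality"], reverse=True)

def remediate(assets, host, product, new_version):
    """Remediate: record that the product on this host was patched to new_version."""
    for asset in assets:
        if asset["host"] == host:
            asset["software"][product] = new_version

def verify(assets, known_vulns, finding):
    """Verify: re-run the assessment; True only if the finding no longer appears."""
    return not any(f["host"] == finding["host"] and f["vuln"] == finding["vuln"]
                   for f in assess(assets, known_vulns))

if __name__ == "__main__":
    for f in prioritize(assess(ASSETS, KNOWN_VULNS)):
        print(f["host"], f["product"], f["vuln"], f["cvss"] * f["criticality"])
```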

VM Lifecycle Challenges

Incomplete asset information - Effective discovery requires both asset identification and the information about the contents of each asset
Incomplete asset lists - Out-of-date asset lists and mixed data sources can prevent discovery from providing complete asset accountability for a thorough risk evaluation
Overwhelming scan data - Prioritization helps target efforts for the most critical assets from the most serious threats
Organizational communication - Frequent communication, reports, system dashboards, and notifications help keep teams informed for required patching/updates
Vulnerability Identification - Vulnerability data must be up to date and relevant, drawn from authoritative sources
Timely Remediation - Efforts must be timely, organized, and effective with specific assignments and accountability
Process Tracking - Verification helps ensure that remediation is successful and exposes no new vulnerabilities