Vulnerability Prevention
The Vulnerability Management Life Cycle is intended to allow organizations to identify computer system security weaknesses; prioritize assets; assess, report, and remediate the weaknesses; and verify that they have been eliminated.
Vulnerability Prevention & Management Life Cycle
How It Works
The Vulnerability Management Life Cycle is designed to help organizations uncover security flaws in their computer systems; prioritize assets; assess, report, and remediate the flaws; and verify that they have been fixed.
A vulnerability in computer security is a flaw or weakness that allows an intruder to compromise a system’s information assurance.
A vulnerability has three components: a system flaw, an intruder’s ability to access the flaw, and the intruder’s ability to exploit the flaw using a tool or technique.
Discover
Inventory all assets across the network and record host details, including the operating system and open services, so that vulnerabilities can be identified. Develop a network baseline. Identify security vulnerabilities on a regular, automated schedule.
Prioritize Assets
Categorize assets into groups or business units, and assign a business value to asset groups based on their criticality to your business operation.
Assess
Determine a baseline risk profile so you can eliminate risks based on asset criticality, vulnerability threat, and asset classification.
Report
Measure the level of business risk associated with your assets according to your security policies. Document a security plan, monitor suspicious activity, and describe known vulnerabilities.
Remediate
Prioritize and fix vulnerabilities in order according to business risk. Establish controls and demonstrate progress.
Verify
Verify that threats have been eliminated through follow-up audits.
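
The Prioritize Assets, Remediate and Verify steps above can be sketched in code. This is an added example, not part of the original page. The risk model (group business value times scanner severity), the 1-5 and 0-10 scales, the hosts and the VULN-* identifiers are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed inventory: asset -> group, group -> business value (assumed 1-5 scale).
ASSET_GROUP = {"10.0.0.5": "payments", "10.0.1.20": "corp-it", "10.0.9.7": "lab"}
GROUP_VALUE = {"payments": 5, "corp-it": 3, "lab": 1}

@dataclass(frozen=True)
class Finding:
    host: str
    vuln_id: str     # placeholder IDs, not real advisories
    severity: float  # scanner score (assumed 0-10 scale)

def business_risk(f):
    # Assumed model: business value of the asset's group times scanner severity.
    return GROUP_VALUE[ASSET_GROUP[f.host]] * f.severity

def remediation_queue(findings):
    """Return (findings ordered by business risk, findings on uninventoried hosts)."""
    known = [f for f in findings if f.host in ASSET_GROUP]
    unknown = [f for f in findings if f.host not in ASSET_GROUP]  # Discover-step gap
    return sorted(known, key=lambda f: (-business_risk(f), f.host, f.vuln_id)), unknown

def verify(baseline, rescan, scanned_hosts):
    """Follow-up audit: classify each baseline finding against the rescan."""
    key = lambda f: (f.host, f.vuln_id)
    before, after = {key(f) for f in baseline}, {key(f) for f in rescan}
    gone = before - after
    return {
        "fixed": sorted(k for k in gone if k[0] in scanned_hosts),
        # Host was not rescanned, so a missing finding is not evidence of a fix.
        "unverified": sorted(k for k in gone if k[0] not in scanned_hosts),
        "still_open": sorted(before & after),
        "new": sorted(after - before),
    }

# Constructed scan results.
BASELINE = [Finding("10.0.9.7", "VULN-A", 9.8), Finding("10.0.0.5", "VULN-B", 5.0),
            Finding("10.0.1.20", "VULN-C", 7.5), Finding("10.0.7.7", "VULN-D", 6.0)]
RESCAN = [Finding("10.0.1.20", "VULN-C", 7.5), Finding("10.0.0.5", "VULN-E", 4.0)]
SCANNED = {"10.0.0.5", "10.0.1.20"}

if __name__ == "__main__":
    queue, unknown = remediation_queue(BASELINE)
    for f in queue:
        print(f"{business_risk(f):5.1f}  {f.host:10}  {f.vuln_id}")
    print("not in inventory:", [f.host for f in unknown])
    print(verify(BASELINE, RESCAN, SCANNED))
```

In this sample the 9.8-severity finding on the lab host ranks below the 5.0-severity finding on the payments host, and a finding that disappears from a rescan counts as fixed only if its host was actually rescanned.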