This is the last part in our series on prioritizing vulnerability remediation, where we’ve been outlining basic requirements so you can always identify the IT assets you must patch right away.
In our first two posts, we met Steve, an infosec manager whose organization’s inability to manage its IT environment’s vulnerabilities had turned him into an insomniac. We also described the first three requirements for success:
- compiling a complete, detailed IT asset inventory;
- logging the constant stream of vulnerability disclosures;
- and correlating external threat information with your IT assets’ vulnerabilities.
In this last installment, we discuss the last two of the five requirements: having dashboard tools to visualize and share your threat landscape; and making precise assessments of your organization’s risk scenarios.
Continue reading …