| Description |
1 online resource |
| Summary |
Infuse efficiency into risk mitigation practices by optimizing resource use with the latest best practices in vulnerability management Organizations spend tremendous time and resources addressing vulnerabilities to their technology, software, and organizations. But are those time and resources well spent? Often, the answer is no, because we rely on outdated practices and inefficient, scattershot approaches. Effective Vulnerability Management takes a fresh look at a core component of cybersecurity, revealing the practices, processes, and tools that can enable today's organizations to mitigate risk efficiently and expediently in the era of Cloud, DevSecOps and Zero Trust. Every organization now relies on third-party software and services, ever-changing cloud technologies, and business practices that introduce tremendous potential for risk, requiring constant vigilance. It's more crucial than ever for organizations to successfully minimize the risk to the rest of the organization's success. This book describes the assessment, planning, monitoring, and resource allocation tasks each company must undertake for successful vulnerability management. And it enables readers to do away with unnecessary steps, streamlining the process of securing organizational data and operations. It also covers key emerging domains such as software supply chain security and human factors in cybersecurity. Learn the important difference between asset management, patch management, and vulnerability management and how they need to function cohesively Build a real-time understanding of risk through secure configuration and continuous monitoring Implement best practices like vulnerability scoring, prioritization and design interactions to reduce risks from human psychology and behaviors Discover new types of attacks like vulnerability chaining, and find out how to secure your assets against them Effective Vulnerability Management is a new and essential volume for executives, risk program leaders, engineers, systems administrators, and anyone involved in managing systems and software in our modern digitally-driven society. |
| Contents |
Foreword .xvii -- Introduction xix -- 1 Asset Management 1 -- 2 Patch Management 29 -- 3 Secure Configuration 53 -- 4 Continuous Vulnerability Management 69 -- 5 Vulnerability Scoring and Software Identification 79 -- 6 Vulnerability and Exploit Database Management 115 -- 7 Vulnerability Chaining 125 -- 8 Vulnerability Threat Intelligence 145 -- 9 Cloud, DevSecOps, and Software Supply Chain Security 155 -- 10 The Human Element in Vulnerability Management 187 -- 11 Secure-by-Design 207 -- 12 Vulnerability Management Maturity Model 233 -- Acknowledgments 247 -- About the Authors 249 -- About the Technical Editor 251 -- Index 253. |
| Subject |
Computer security.
|
|
Sécurité informatique. |
| Added Author |
Robinson, Nikki, author.
|
| Other Form: |
Print version: 1394221207 9781394221202 (OCoLC)1400973030 |
| ISBN |
9781394277155 electronic book |
|
1394277156 electronic book |
|
9781394221226 electronic book |
|
1394221223 electronic book |
|
9781394221219 (electronic bk.) |
|
1394221215 (electronic bk.) |
|
paperback |
|
paperback |
| Standard No. |
10.1002/9781394277155 doi |
|
More Resources