From SANS: How to Show Business Benefit by Moving to Risk-Based Vulnerability Management
In this buyer’s guide, you’ll learn which technologies you need to assess, prioritize and remediate your most critical vulnerabilities.
Vulnerability assessment has been a security requirement for every major regulatory agency over the last 15 years. Yet, time and again, after-incident reports reveal that costly breaches, causing millions of dollars in damage, are a result of known vulnerabilities that went unpatched due to a lack of connection to business criticality.
In this whitepaper written by SANS security expert, John Pescatore, you’ll learn how to avoid this “lack of context” trap by adopting a risk-based approach to vulnerability management. Reading this paper will help you answer several key security questions including:
- How do I measure the business risk underlying any given vulnerability?
- What concrete steps can I take to migrate to a risk-based VM program?
- Which questions and selection criteria should I consider when evaluating technology products and vendors?
Author:
John Pescatore
Director of Emerging Security Trends, SANS Institute
Download SANS Whitepaper
© 2021 Tenable®, Inc. All Rights Reserved