Remediate & Mitigate Vulnerabilities
Once the vulnerabilities have been identified in the environment and classified, the remediation steps then require to be defined.
We work with organisation's to define workflows for each scan that is run, so that remediation steps are clear. If you are running a patch audit scan for instance, the remediation step would be to apply the relevant patch and audit that it has successfully been applied.
For a more complex requirement, like a firewall configuration change, this would require the consideration of things like:
- Change windows/requests
- Individuals required to apply the change
- Documentation to be completed pre and post change
The lifecycle is typically then reported to senior management so we can then work with the organisation to define the automated reports, or templates for individuals to adjust. The typical reports we work to produce with organisation's are for area's like:
- Remediation time against SLA
- Number of vulnerabilities
- Unknown devices detected on the network
- Number of assets scanned in any particular 30 day period, where the requirement is that all assets are scanned at a minimum of every 30 days for instance
We look forward to welcoming you on this webinar!