Vulnerability management may be a pro-active approach to managing network security through reducing the likelihood that flaws in code or style compromise the security of an endpoint or network.
Vulnerability management processes include:
Checking for vulnerabilities: This process should include regular network scanning, firewall work, penetration testing or use of an automatic tool sort of a vulnerability scanner.
Identifying vulnerabilities: This involves analyzing network scans and pen take a look at results, firewall logs or vulnerability scan results to seek out anomalies that recommend a malware attack or different malicious event has taken advantage of a security vulnerability, or may probably do so.
Verifying vulnerabilities: This process includes ascertaining whether or not the known vulnerabilities may really be exploited on servers, applications, networks or different systems. This also includes classifying the severity of a vulnerability and also the level of risk it presents to the organization.
Mitigating vulnerabilities: this can be the method of determining a way to stop vulnerabilities from being exploited before a patch is accessible, or within the event that there’s no patch. It will involve taking the affected a part of the system off-line (if it’s non-critical), or numerous different work-arounds.
Patching vulnerabilities: this can be the process of obtaining patches — typically from the vendors of the affected software or hardware — and applying them to any or all the affected areas in an exceedingly timely approach. this can be sometimes an automated process, through with patch management tools. This step also includes patch testing.
Click here to get such more insights
Book: Testing Practitioner Hanbook by Renu Rajani.