Vulnerability Management: The Big Picture

Information systems vulnerabilities expose networks to attack by threats, and potential loss to your organization. This course will teach you about a vulnerability management process that can help you identify, analyze, and patch vulnerabilities.
Course info
Rating
(10)
Level
Beginner
Updated
Sep 27, 2017
Duration
1h 37m
Table of contents
Description
Course info
Rating
(10)
Level
Beginner
Updated
Sep 27, 2017
Duration
1h 37m
Description

Keeping an information system secure is an essential and continual process to stop potential threats. In this course, Vulnerability Management: The Big Picture, you'll learn the vulnerability management process and how it fits into an information security plan. First, you'll discover the importance of conducting regular vulnerability scans. Next, you'll explore how to prioritize vulnerability remediation. Finally, you'll delve into some tools that are available to help you automate these processes. By the end of this course, you'll have developed a deeper understanding of the basics of the vulnerability management process and the importance of its implementation.

About the author
About the author

Matt Glass is a Multi-national Systems Integrator in Stuttgart, Germany, working as a government contractor. He has been working in the IT field for the last eight years.

More from the author
Getting Started with Nmap
Beginner
1h 26m
Oct 5, 2018
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
(Music playing) Hello everyone. I'm Matt Glass, and welcome to my course, Vulnerability Management: The Big Picture. Recent cyber attacks have highlighted the need for an information security strategy that addresses vulnerabilities in information systems and reduces the risk of becoming the next target for malicious threats. In this course, you'll learn how to detect, analyze, and remediate, or mitigate information system vulnerabilities using a vulnerability scanner. This course will cover a vulnerability management process that covers each step that you, acting as an information systems security officer, can follow to secure your organization systems. The process will cover vulnerability discovery, vulnerability analysis, prioritization and reporting of vulnerabilities, and remediation and mitigation of those vulnerabilities. Throughout the course, I've prepared some demos so that you can conduct the process on a virtual machine or your home computer using the Nessus scanner. As a big picture course, the emphasis is on learning the basics of a vulnerability management process and the importance of its implementation. There are no prerequisites for this course, and it's perfect for anyone who wants an introduction to vulnerability management with information systems. I really enjoyed creating this course, and I hope you enjoy learning from it. Thanks for watching.

Vulnerability Analysis
All right, welcome to our next module, Vulnerability Analysis. In this module, we're going to go over some of the steps you can take to analyze the output from the scanning tool used to discover vulnerabilities on our devices. Let's take a look at the overview for this module. In this module, we're going to start by analyzing the scan output. The focus for this part of the module will be on the summary output of the scanning tool to get an idea of the overall status of the assets we scanned. After that, I'm going to show you how to analyze the vulnerabilities using all the information we collected in the previous module. Before we get started, let's take a look at where we are in the vulnerability management process. In the previous module, we started with preparation where we did some of the initial inventory gathering and got the approval to start scanning. Then, we moved into the discovery phase, where we conducted our first vulnerability scan of Wired Brain Coffee's network. Now we're in the analysis phase of the cycle, where we will assess the vulnerabilities before prioritizing and remediating them. To do that, let's see what we're going to look for in this analysis. First, in the output of the scan, we'll see a summary of the whole network, which provides a snapshot of how vulnerable our network is. We'll also look at the summary of an asset, or group of assets, which we will then use to continue diving further in by looking at the detailed information of a vulnerability. The summary outputs are going to help us identify vulnerable assets on the network that will then be the focus of our remediation efforts. We will also use these reports to identify any vulnerabilities that require immediate attention. As we continue using the vulnerability management process, we'll also want to look at the status of our network and trends over time. Conducting a proper vulnerability analysis is critical to the success of the remediation efforts, and is in my opinion, the step that makes or breaks a vulnerability management process. So if you're ready to get started, let's get going with an analysis of the summary output of the scan.

Prioritization and Reporting
All right. Now that we finished analyzing the vulnerabilities we discovered on Wired Brain Coffee's networks, the next two steps are to prioritize the vulnerabilities for remediation, and to report our findings. Before we get started, let's take a look at the overview for this module. This module will cover how to take the results of our analysis and use our findings to determine the severity of the vulnerability, and then prioritize the vulnerabilities once the existing security controls and asset values are taken into account. I will also show you an example of information you would want to include in a report to management and the asset owners. Before we get into these concepts, let's see where we are in the vulnerability management process. First, we talked about the preparation and discovery process, and then we took the results and performed a vulnerability analysis. Now we're going to take that information and use it to determine the priority of the vulnerabilities for remediation. This process takes other factors that our scanner did not detect into account to determine which vulnerabilities we should focus on first. Once we complete the prioritization process, we're ready to report our findings. This brings us to the goals of these two processes. In prioritization, we want to define the priority for our analysis and determine the focus of our remediation. In reporting, our goal is to compile the current vulnerability status and get approval to conduct a remediation or to mitigate the findings based on our recommendations. So if you're ready to learn about the next phase of vulnerability management, we'll begin with identifying and assessing the level of the vulnerability.