Learning Vulnerability Management

Learning Vulnerability Management

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 0h 53m | 111 MB

Some people think that vulnerability management just means patching OS systems, but it’s so much more than that. Vulnerability management is something every organization needs to address; however, many don’t understand the mechanics and breadth of the challenge. This course provides those without prior experience in the area an overview of why vulnerabilities exist, as well as an explanation of the process of managing them from start to finish. Instructor Lora Vaughn McIntosh covers the three key components of vulnerability management and the tools needed to establish a program of your own. Get an introduction to vulnerability scanning and reporting, learn how to identify which vulnerabilities to address first, discover how to vet false positives, and more.

Topics include:

  • What’s a vulnerability and why do they exist?
  • Main sources for vulnerability data
  • Prioritizing vulnerabilities
  • The industry standard for vulnerability risk scoring
  • How regulations can impact vulnerability management processes
  • How compensating controls affect vulnerabilities
  • Vetting false positives
  • Confirming remediation
  • Building a vulnerability management program
Table of Contents

1 Managing vulnerabilities
2 The key elements of vulnerability management DARC
3 What is a vulnerability
4 Why do vulnerabilities exist
5 Vulnerability sources
6 Introduction to vulnerability scanning
7 Reporting
8 Handling all those vulnerabilities
9 CVSS Industry standard risk algorithm
10 Concern Regulatory requirements
11 Concern Exposure
12 Risk and compensating controls
13 Intro to patch config management tools
14 Vetting false positives
15 Confirming remediation
16 Reviewing DARC
17 Building a program
18 Next steps