VULNERABILITY MANAGEMENT

Vulnerability Management is a core security practice to understand and to assess the risk to an organisations technical estate. This function assesses new vulnerabilities, determines applicability and criticality of the flaws in the context of the  technologies deployed within the organisation.

Once vulnerabilities are triaged, the required updates are scheduled into the company’s Patch & Change Management processes to be rolled out in a timely manner.

CARIBSOC offers further guidance on Patch & Change Management in our Policies & Practices area.

CVE & CVSS

CARIBSOC utilizes the industry standard Common Vulnerabilities & Exposures (CVE) & Common Vulnerability Scoring System (CVSS) for referencing, disclosing and rating vulnerabilities. Overseen by the Mitre Organisation & National Institute for Standards & Technology (NIST); these frameworks provide a globally uniform numbering and criticality rating standard for security vulnerabilities that is used by companies and corporations around the globe.

VULNERABILITY MGT LIFECYCLE:

Vendor Patch Tuesday Commentary:

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt