SANS Vulnerability Management (VM) Maturity Model - Prepare
The Prepare phase of the PIACT model for vulnerability management includes activities that help organizations prepare for and support effective operation and governance of the vulnerability management...
SANS Vulnerability Management (VM) Maturity Model - Intro & Analyze
Previously I wrote an article about prioritization not being a solution to the vulnerability management problem many companies are facing. So, the irony is not lost on me that I will be presenting an ...
Reporting for Vulnerability Management
Out-of-the-box vulnerability reports are not very useful. I have found that by simplifying the information we are reporting to the remediation teams and also by targeting individuals with only the vul...
Prioritizing Vulnerabilities Is Not A Solution
It seems like all I hear about in the vulnerability space right now is prioritization. It is the blockchain of vulnerability management. Yet, prioritizing vulnerabilities does little, if anything at a...