Difference between revisions of "Vulnerability Management"
From Socology.org - The Study of Security Operations
(Created page with "'''This section is under development''' == Objective == == Process == == Tooling == == Ticketing == == Reporting == == Staffing == == Budgetin...") |
|||
| Line 2: | Line 2: | ||
== Objective == | == Objective == | ||
| − | + | A vulnerability is defined in the ISO 27002 standard as “A weakness of an asset or group of assets that can be exploited by one or more threats” (International Organization for Standardization, 2005) | |
== [[Process]] == | == [[Process]] == | ||
| Line 32: | Line 32: | ||
== Citations == | == Citations == | ||
| + | ISO/IEC. 2015. Information technology -- Security techniques – Code of practice for information security management. ISO/IEC 27002 | ||
Revision as of 07:02, 1 November 2018
This section is under development
Contents
Objective
A vulnerability is defined in the ISO 27002 standard as “A weakness of an asset or group of assets that can be exploited by one or more threats” (International Organization for Standardization, 2005)
Process
Tooling
Ticketing
Reporting
Staffing
Budgeting
Communications
Documentation
Lessons Learned | Pain Points
Citations
ISO/IEC. 2015. Information technology -- Security techniques – Code of practice for information security management. ISO/IEC 27002
