Vulnerability management is an ongoing, cyclical process of detection, assessment, remediation, and reassessment. It differs from a vulnerability assessment, which is a one-time evaluation of a host or network.
Scoping typically takes the form of understanding all environments within the scope of the vulnerability management service, including cloud, on-premise and hybrid environments, together with their respective network address ranges.
The operational security management consultants will seek to understand and document key and critical systems, network access points, systems with external interfaces (public IP addresses) and any other data that aids contextualisation and prioritisation of findings.
An initial discovery scan of the agreed environment scope will be carried out both to verify and reconcile the accuracy of any asset database and to establish a baseline of scanning scope that informs future vulnerability scan scope.
Discovery scanning also forms part of the regular scanning lifecycle to capture any changes in the scanning scope, whether additions or removals. These are reconciled against expected changes, which aids in the detection of any rogue devices that have appeared since the last scan cycle.
The service works with technical resource teams, service management and third parties to raise, track, monitor and assure effective and timely remediation. Findings are rated from Critical to Informational; this rating, combined with the criticality of the affected system, determines the risk level of the issue, which in turn determines the response priority and the actions to be taken.
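The reconciliation and prioritisation steps above, as an added illustration (not the service's own tooling): a discovery result is compared with the asset database to flag missing and rogue hosts, and each finding's severity is combined with the asset's criticality to produce a risk score and response priority. The asset records, findings and the multiplicative scoring scheme are constructed assumptions for the example.

```python
# Constructed sample data (not from the page): the expected asset inventory
# and the set of hosts a discovery scan actually found this cycle.
ASSET_DB = {
    "10.0.1.10": {"name": "erp-db-01", "criticality": "high"},
    "10.0.1.11": {"name": "erp-app-01", "criticality": "high"},
    "10.0.2.20": {"name": "intranet-web", "criticality": "medium"},
    "10.0.2.21": {"name": "print-server", "criticality": "low"},
}
DISCOVERED = {"10.0.1.10", "10.0.2.20", "10.0.2.21", "10.0.2.99"}

# Assumed numeric weights for finding severity and asset criticality.
SEVERITY = {"critical": 4, "high": 3, "medium": 2, "low": 1, "informational": 0}
CRITICALITY = {"high": 3, "medium": 2, "low": 1}

def reconcile(asset_db, discovered):
    """Compare discovery results with the asset database.
    Returns (confirmed, missing, rogue) as sorted host lists."""
    known = set(asset_db)
    return (sorted(known & discovered),   # present in both
            sorted(known - discovered),   # in DB but not seen: decommissioned or offline?
            sorted(discovered - known))   # seen but not in DB: rogue until explained

def risk_score(severity, criticality):
    """Risk = finding severity x criticality of the affected system."""
    return SEVERITY[severity] * CRITICALITY[criticality]

def response_priority(score):
    """Map the risk score onto an assumed three-band response priority."""
    return "P1" if score >= 8 else "P2" if score >= 5 else "P3"

def prioritise(findings, asset_db):
    """Rank findings by risk score. A host absent from the asset DB has an
    unknown role, so it is treated as high criticality until triaged."""
    ranked = []
    for f in findings:
        asset = asset_db.get(f["host"], {"name": "UNKNOWN", "criticality": "high"})
        score = risk_score(f["severity"], asset["criticality"])
        ranked.append({**f, "asset": asset["name"], "score": score,
                       "priority": response_priority(score)})
    return sorted(ranked, key=lambda r: r["score"], reverse=True)

# Constructed findings from the scan (issue text is illustrative only).
FINDINGS = [
    {"host": "10.0.2.21", "issue": "example critical issue", "severity": "critical"},
    {"host": "10.0.1.10", "issue": "example high issue", "severity": "high"},
    {"host": "10.0.2.20", "issue": "example critical issue", "severity": "critical"},
    {"host": "10.0.2.99", "issue": "example medium issue", "severity": "medium"},
]
```

Note that the Critical finding on the low-criticality print server ranks below a High finding on the high-criticality database host, which is the point of combining the two ratings.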
Where recommended timescales cannot be met, the Security/Vulnerability Manager will work with the technical teams and the client to agree an appropriate risk-based approach and timescale.