The vulnerability management life cycle is a recurring process for finding
and fixing security weaknesses before an attacker can exploit them. It covers
establishing the organization's risk posture and policies, compiling a
complete inventory of the systems it owns, scanning and evaluating the
environment for exposures and vulnerabilities, and acting to remediate what
is found.
PHASES
There are six phases in total, grouped into three categories: the
Pre-Assessment, Assessment and Post-Assessment phases.
Pre-Assessment Phase
This category consists of a single phase, Identify Assets and Create a
Baseline. It identifies critical assets and prioritizes them so that risk can
be defined by the criticality and value of each system. The following steps
are involved in creating a baseline:
- Identify and understand business processes.
- Identify the applications, data, and services that support the business processes and perform code reviews.
- Identify approved software, drivers, and the basic configuration of each system.
- Create an inventory of all assets, and prioritize/rank critical assets.
- Understand the network architecture and map the network infrastructure.
- Identify the controls already in place.
- Understand policy implementation and standards compliance.
- Define the scope of the assessment.
- Create information protection procedures to support effective planning, scheduling, coordination, and logistics.
Assessment Phase
This category consists of a single phase, the Vulnerability Scan. In this
step the security analyst scans the network to identify known
vulnerabilities in the organization's infrastructure. The goal of
vulnerability scanning is to scan, examine, evaluate, and report the
vulnerabilities in the organization's information systems. Steps involved in
the assessment phase:
- Examine and evaluate the physical security.
- Check for misconfigurations and human errors.
- Run vulnerability scans using tools.
- Select the type of scan based on the organization or compliance requirements.
- Identify and prioritize vulnerabilities.
- Identify false positives and false negatives.
- Apply the business and technology context to scanner results.
- Perform OSINT information gathering to validate the vulnerabilities.
- Create a vulnerability scan report.
Post-Assessment Phase
This category consists of four phases: Risk Assessment, Remediation,
Verification, and Monitoring. The post-assessment phase is also known as the
recommendation phase; it follows the assessment and is driven by its
findings.
- Risk Assessment: summarizes the vulnerabilities and the risk level identified for each of the selected assets. The tasks performed in the risk assessment phase include:
  - Perform risk categorization (critical, high, medium, and low).
  - Assess the level of impact.
  - Determine the threat and risk levels.
- Remediation: the process of applying fixes to vulnerable systems to reduce the impact and severity of vulnerabilities. The tasks performed in the remediation phase include:
  - Prioritize remediation based on the risk ranking.
  - Develop an action plan to implement the recommendations.
  - Perform root cause analysis.
  - Apply patches/fixes.
  - Capture lessons learned.
  - Conduct awareness training.
- Verification: this phase gives the security team clear visibility into the organization and lets it check whether the previous phases were carried out correctly. The tasks performed in the verification phase include:
  - Rescan the systems to confirm that the applied fix has remediated the vulnerability.
  - Perform dynamic analysis.
  - Review the attack surface.
- Monitor: continuous monitoring identifies potential threats and any new vulnerabilities that have emerged. The tasks performed in the monitor phase include:
  - Periodic vulnerability scans and assessments.
  - Timely remediation of identified vulnerabilities.
  - Review of intrusion detection and intrusion prevention logs.
  - Implementation of policies, procedures, and controls.
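As an added example (not code from the original post), the following Python ties the risk assessment, remediation and verification phases together on constructed scanner output: it drops findings the analyst confirmed as false positives during the assessment, weights each CVSS base score by the asset criticality recorded in the pre-assessment baseline to categorize risk as critical/high/medium/low, orders remediation by that score, and then diffs a rescan to show which findings were remediated, which persist, and which are new. The hostnames, finding IDs, scores, the 1-4 criticality scale and the level thresholds are all assumptions made for the example; real scanners export their own schemas, so the loader would be adapted to whichever tool is in use.

```python
"""Risk-rank scanner findings, derive a remediation order, and verify a rescan.

Added example, not code from the original post. The asset criticality scale,
the CVSS x criticality weighting and the level thresholds are illustrative
choices; the hostnames, finding IDs and scores are constructed.
"""
from dataclasses import dataclass

# Constructed asset baseline from the pre-assessment phase: business
# criticality on a 1 (expendable) to 4 (mission-critical) scale.
ASSET_CRITICALITY = {"db-prod-01": 4, "web-prod-01": 3, "dev-box-07": 1}

# Constructed scanner output, simplified to (host, finding_id, CVSS base score).
BASELINE_SCAN = [
    ("db-prod-01", "OPENSSH-OUTDATED", 7.5),
    ("db-prod-01", "TLS-WEAK-CIPHERS", 5.3),
    ("web-prod-01", "APACHE-PATH-TRAVERSAL", 9.8),
    ("web-prod-01", "TLS-WEAK-CIPHERS", 5.3),
    ("dev-box-07", "SMB-SIGNING-DISABLED", 5.3),
    ("dev-box-07", "KERNEL-PRIVESC", 7.8),
]

# Constructed rescan after fixes were applied: three findings closed, two still
# open, one new, and the false positive still reported by the scanner.
RESCAN = [
    ("db-prod-01", "OPENSSH-OUTDATED", 7.5),
    ("web-prod-01", "TLS-WEAK-CIPHERS", 5.3),
    ("web-prod-01", "PHP-EOL", 7.5),
    ("dev-box-07", "SMB-SIGNING-DISABLED", 5.3),
]

# Findings the analyst confirmed as false positives during the assessment
# (here: the scanner keyed on a banner version that carries a backported fix).
FALSE_POSITIVES = {("db-prod-01", "OPENSSH-OUTDATED")}


@dataclass(frozen=True)
class Finding:
    host: str
    finding_id: str
    cvss: float
    criticality: int

    @property
    def risk_score(self) -> float:
        # Technical severity weighted by how much the business depends on the host.
        return self.cvss * self.criticality

    @property
    def risk_level(self) -> str:
        # Thresholds on a 0..40 scale (CVSS 10 on a criticality-4 asset).
        s = self.risk_score
        if s >= 28:
            return "critical"
        if s >= 16:
            return "high"
        if s >= 6:
            return "medium"
        return "low"


def triage(scan, asset_criticality, false_positives):
    """Drop confirmed false positives and attach asset context to each finding."""
    findings = []
    for host, finding_id, cvss in scan:
        if (host, finding_id) in false_positives:
            continue
        # A host missing from the inventory is itself a baseline gap; assume
        # moderate criticality rather than silently ranking it low.
        criticality = asset_criticality.get(host, 2)
        findings.append(Finding(host, finding_id, cvss, criticality))
    return findings


def remediation_order(findings):
    """Highest business risk first, with a stable tiebreak for reproducible plans."""
    return sorted(findings, key=lambda f: (-f.risk_score, f.host, f.finding_id))


def verify_rescan(baseline, rescan, false_positives):
    """Compare two scans: what was closed, what persists, and what is new."""
    before = {(h, f) for h, f, _ in baseline} - false_positives
    after = {(h, f) for h, f, _ in rescan} - false_positives
    return {
        "remediated": sorted(before - after),
        "persisting": sorted(before & after),
        "new": sorted(after - before),
    }


if __name__ == "__main__":
    for f in remediation_order(triage(BASELINE_SCAN, ASSET_CRITICALITY, FALSE_POSITIVES)):
        print(f"{f.risk_level:8} {f.risk_score:5.1f}  {f.host:12} {f.finding_id}")
    for status, items in verify_rescan(BASELINE_SCAN, RESCAN, FALSE_POSITIVES).items():
        print(f"{status}: {items}")
```

Note how the asset context changes the ranking relative to CVSS alone: the 7.8 kernel finding on the development box drops to medium, while the 5.3 weak-cipher finding on the production database rises to high. That is the "apply the business and technology context to scanner results" step from the assessment phase made concrete, and the rescan diff is the verification phase's evidence that a fix actually closed a finding rather than merely being scheduled.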
We hope this helps. If you have any suggestions or doubts you can add a
comment and we will reply as soon as possible.