in the last video, we wrapped up our discussion on why we need
want ability management by talking about identifying and fixing folks in this video, we're gonna talk about the benefit of security policies and vulnerability, management and importance of tracking inventory.
So I was like, Get out learning objectives.
We're going to cover benefits of security policies. Tracking inventory,
categorizing assets. Ask Anna vulnerabilities.
Take a look at our pre assessment
for the most accurate vulnerability scans you should
a scan on authenticated against the system
be scanned, authenticated against the system. Horsey.
You time sensitive passwords
I can't answer here is gonna be be scant. Authenticated against system
authentication is basically the server and a vulnerability management to communicating with each other.
Authentication allows a vulnerability management tool to scan inside of the server,
basically capturing a accurate number of on abilities with the Net. Sir.
So getting acid. Here's B.
Let's talk about security policies
so we're gonna cover it, help reduce the security hose.
We're going to cover that Maura structure decision making for vulnerability management. We're going to see if it's enforceable,
So policy is one of those busters terms that can make an I t expert eyes glaze over
but master, an idea of policies for vulnerability management does more than make an I t person feel as important as the CEO or a politician.
provide ability. Management make it easier to define actions. That guy decision making about setting up your Vulnerability mansion program.
The result of good policies. Make it easier and faster for you and I t Security team to discover vulnerabilities, remediate those security holes and produce documentation to satisfy audit requirements for compliance.
Now let's look at three keys here
So what policies determined
The nature of controls use. Ensure security, such as standard configurations for, OH, security devices and applications, including antivirus Farrah Whoa! Intrusion Detection and Prevention.
I think security expert should create a matrix with a short list of configurations and features so that policymakers can understand their options for security controls.
policies and controls apply to servers, network devices
and applications, and then points.
And thoroughly policymakers need to determine
the business impact of vulnerability on each asset or asset group.
For example, a system that host
the lunch menu probably isn't as important as a system that maintains customer information
Proselytization weighs a business risk and importance of each asset,
which affects the urgency and completion order of vulnerability and remediation.
So it's like that tracking inventory.
So we're gonna cover the identity
of assets. We're gonna talk about what our assets. And also we're gonna talk about how to automate track.
So in order to fix vulnerabilities, you must first understand what assets such as servers, desktops and devices you have in your network and then testifying. Any vulnerability that may exist
track inventory and categorizing assets establishes
an evaluation baseline
and this step you create and continually maintain a database of all Internet protocol devices attached to the network.
Here is where you connect the actual assets and your network with the policies determining relative business value photos. Assets.
So let's talk about the identification of the inventory.
Vulnerability management are basically vulnerability. Scanning
is usually done by directing the scanner at a particular I P address or a range of addresses.
So it's useful to organize your database by peas
elements and as that group include
hardware, software applications, service's and configurations to tracking his level of detail provides
the file on benefits.
it is. The data enables organization to identify
which boy Billy's affect particular subsets of the I T infrastructure.
The tracking inventory helps
the speed the scanning process because it enables you to scan multiple asset groups and parallel.
You can track this data manly but vulnerability management. It's much more effective by automating the entire inventory process for discovery and tracking,
it gives an accurate inventory
that ensures the correct patches or selected and apply it during remediation.