in the last video, we talked about applying patches.
In this video, we'll talk about performing another vulnerability scan to verify the patchwork.
It's also get I learned objectors.
We're gonna learn why we verify a patch has worked
and we're gonna learn about vulnerability reporting.
Let's look at the process.
An organization does not need to re scan for vulnerabilities after Patch,
since the patch will fix everything.
This is actually false.
It doesn't get the patch.
re scans assets starting with critical ones.
It checks for software and hardware issues.
Checks That patch didn't introduce new vulnerabilities
After a plan, a patch are completing the re mediation process. Be sure to Reese, Can I pee connected assets, especially the critical assets.
This step verifies that the fix work
and that it doesn't cause other network devices. What service is our applications to malfunction or to be exploded to other vulnerabilities?
Business risk and security risk to indicators you can use to prior to rise remediation efforts,
extremely valuable assets may have a much higher priority rating for remediation efforts, even though the vulnerability detected
ONI systems heavy lower security risk
in lower priority asset, such as server hosting. The lunch menu for company
may have a more critical vulnerability,
risk and priority to the fix for the vulnerability would not wait. Maur Important business critical system
so is look at the vulnerability management to report.
So we have adequate documentation for the lows and standards
as we can see a few standards that's listed here.
It's for us. Hippos, socks,
G O B A. We C P C I as well, which P. C. I is very important because if anything, that covers financial
all credit card transactions.
So we have custom templates, and we have internal policies as well, too.
So verify fixes what result. Resulting scan reports may provide adequate documentation for orders
checking for compliance with security provisions of laws and regulations
such as the ones that we have here listed.
So some vulnerability management solutions provide custom templates for specific regulations.
So we do have custom simply. It's for nest
for hip, for socks and for PC I as well, in which
it scans for compliance within the actual server or the data bits.
So I take a look at the Post assessment.
There are no vulnerability management reports that offer custom templates for specific laws and standards.
This is actually false.
In this video, we talked about performing another on ability scan to verify the patchwork.
In the next video, we'll learn about different vulnerability management options.