In the last video, we talked about the use of consultants and automation of vulnerability management.
We also discussed somewhat common tools and used for vulnerability. Manager.
In this video, we're going to talk about priority arising. Remediation of on abilities
following objectives We're gonna talk about priority arising. Remediation
and the vulnerability reporting.
Let's look at our pre assessment.
What does vulnerability management identify?
perimeter and internal weaknesses? Be only perimeter weaknesses or a seat only internal weaknesses?
The correct answer here is a
vulnerability. Imagine that helps you identify weaknesses on boat to perimeter and internal network.
So it's like a prior to rise and remediation. So we're gonna cover level one, which is minimal.
Level two, which is medium
level three, which is serious. Level four, which is critical and level firewood. Just urgent.
So let's jump right on it.
So first we're gonna go head to cover Level one, which is minimal
in this level of vulnerability scanning. Some information can be collected from a target system,
but it's not a critical system, and information obtained has little value.
We still need to perform remediation of these one abilities, but they are not critical tow business operations.
Now let's look at Level two medium
and this level the target system, maybe a critical system,
but they're for made obtain. Its Onley moderately helpful,
such as a version of sulfur applications or the operating system and use.
And Yvonne ability discovered needs to be re mediated. But there is likely not an urgency for the organization to do so.
Now let's look at Level three, Siri's.
In this level, the target system is likely critical system.
There are indicators of a threat. Actor.
This could include things like directory browsing,
the reading of files and in dollars service or distributed denial of service attacks.
Any vulnerabilities discovered needed to be remediated. Quick.
Let's look at Level four
and level forward torque. It system is a critical system, and there are indicators of an attacker gaining nexus gaining gaining access.
You may see insulation of back doors on a target system,
data death or confidential information exposed like a list of user log in credentials.
Any vulnerabilities needed to be remediated with the knobs
and last, Let's look at Level five urge.
In this level, an attacker is executing mo code and may have gained read right access to files own critical systems.
Vulnerabilities need to be remediated immediate.
Now let's look at vulnerability reporting.
It's important for our vulnerability. Imagine reports to be accurate and digestible for audience.
An easy way for us to get reporting is through the use of automated tools like open vials for vulnerability management.
And the supplemental resource is for this course I have linked to it have linked to a simple
to a sample Open vials report output
so you can get an idea would have made Little
says. Look at discovering vulnerability management on demand.
So how do we determine the best own demand? One. Ability management to to use
you two should include the following at the minimum.
So one identification of weakness.
The two news to be able to identify a boat, internal and external weaknesses.
Attack databases. The owned demand to should having a tax signature database, and it's constantly updated since new vulnerabilities or exposed deadly
The two she require credentials for access integration with network appliances,
own demand to should integrate with existent network appliances like Simms
and Ideas I PS systems
The two should also have a dashboard that allows organization toe easily, identify roll devices on the network
trend analysis and that list of UN remediated run abilities with the highest level of severity
the two should also generate accurate reports.
Let's look at our post, says
Level 51 abilities that are found not need to be fixed. Urgent.
Is it true or is this folks?
This is false. Level five own abilities are considered urgent and should be corrected immediately.
Now let's look at our summer.
In this video, we talked about priority arising remediation of on abilities and vulnerability reports. In the next video, we're gonna talk about
the 10 best practices for vulnerability management.