Time
1 hour 23 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:01
in the last video we talked about prior to rising remediation of Ron abilities and vulnerability reports.
00:09
So I was looking at learning objectives.
00:11
We're gonna talk about it. 10 Best Practices for Vulnerability management.
00:16
But before we do that, let's take a look at our pre assessment.
00:19
What is the most important phase of born ability management?
00:23
Is it a Discovery Network Assets?
00:26
Is it be running comprehensive scans or is it c
00:30
checking inside and outside the Demsey?
00:36
The correct answer is a
00:38
discovering network Assets is correct.
00:41
We have to know our assets to measure and prior to rise risk.
00:48
Let's look at the 10 best practices of vulnerability management.
00:52
So number one. We have discovered no work assets.
00:56
Number two. We have classify assets number three. We have checked inside and outside of D M Z
01:02
Now, before we have comprehensive scans. Number five. We have reports for technical staff
01:07
number six, with reports for management
01:10
number seven with compliance reports Number eight. We have patching number nine. We have trekked progress and last but not least at number 10. We have repeat,
01:22
so let's check him out
01:23
first. Let's go ahead and talk about Discovery network assets,
01:29
So we have to discover what our assets are on a network. This allows us to didn't identify areas of risk and quantified.
01:40
Next. We have classify assets,
01:42
so identify and assets also allows us to classify the assets based on their value to business operations
01:51
and helps us buying areas that are the most susceptible to attack
01:56
classifying assets. Always ask yourself, Is this critical to the business function?
02:05
Now let's go on to check inside and outside the Demsey.
02:10
The point of checking inside and outside of dams is to focus on being comprehensive with your network vulnerability. Scan
02:17
attacks can originate from insider threats or external its actors
02:24
comprehensive scans.
02:28
It is important to run comprehensive scans, and you want to focus on scanning your critical systems first.
02:36
As I mentioned through through this course,
02:38
this process should be automated to help conserve resource is and reduce costs.
02:45
Now look at reports for technical staff
02:51
for technical staff. The reports need to be comprehensive, with instructions on how to re mediate Vulnerabilities
03:00
says Look at reports for management
03:04
for management reports need to be easily digestible.
03:07
Using metrics,
03:09
diagrams, shorts and other visual aids. Will help the manager your team understand information discovered in the Vulnerability scan.
03:19
This helps you get better financial buy in to remediate the vulnerabilities.
03:27
Now let's move on to compliance reports.
03:30
Many vulnerability management tools have reporting that is compliant with various regulations and standards.
03:36
Often you can simply select a regulation like hip hop,
03:40
and the two will generate a report in a format needed to meet the regulation.
03:47
Now let's talk about Patch.
03:51
Most software applications have new releases, so patching is an important task for any organization.
03:59
However,
04:00
we needs a product arise our patching to focus on critical systems First.
04:09
Now let's talk about
04:10
de Shrek the tracking of progress.
04:14
So we need to track if our mediation is working.
04:17
We can do this by integrating with the help desk ticketing system
04:21
and or by performing another vulnerability scan on the system.
04:30
Lastly, let's talk about repeat.
04:33
Remember, vulnerability. Management is not a one time process, and you're done.
04:41
New vulnerabilities arrives daily,
04:43
and we need the check we need to check for
04:46
critical systems should be scanned on a weekly basis at the minute.
04:55
Now let's take a look at our post assessment
04:58
Once I do I want to believe it?
05:00
I never have to do one again.
05:01
Is this true
05:03
or is this false?
05:09
This is folks.
05:10
Bone ability. Management is a ongoing process
05:13
and vulnerability. Scans should be performed on critical systems at least a week.
05:21
Let's go ahead and summarize.
05:25
So in his video
05:27
we talked about Tim Best practices of vulnerability management.
05:31
I want to thank you again for taking its course. Remember, this course was just a foundational course and vulnerability management.
05:40
I hope you learned a lot.
05:41
And don't forget to Diallo, that supplemental
05:44
resource is.

Fundamentals of Vulnerability Management

Most of the successful attacks through a business network could be prevented with vulnerability management. This course focuses on what you can do to automatically manage vulnerabilities and keep your network safe from attack.

Instructed By

Instructor Profile Image
Corey Charles
Founder of DreamVision IT LLC
Instructor