ABSTRACT
The two previous chapters discussing network and systems management, ITIL, and security management were intended to provide the organization with background on how to establish these processes in the organization’s current environment. To complete this discussion, it is important to cover vulnerability management and where it fits into an organization’s security posture. The vulnerability management process itself is discussed, providing insight into the high-level steps an organization should include in the process. While each organization will tailor this process to meet its own needs and requirements, information regarding the process is provided to give the organization some background.
