CHAPTER 46

VULNERABILITY ASSESSMENT

Rebecca Gurley Bace

46.1 SCOREKEEPER OF SECURITY MANAGEMENT

46.1.1 What Is Vulnerability Management?

46.1.2 What Is Vulnerability Assessment?

46.1.3 Where Does Vulnerability Assessment Fit in Security Management?

46.1.4 Brief History of Vulnerability Assessment

46.2 TAXONOMY OF VULNERABILITY ASSESSMENT TECHNOLOGIES

46.2.1 Vulnerability Assessment Strategy and Techniques

46.2.2 Network Scanning

46.2.3 Vulnerability Scanning

46.2.4 Assessment Strategies

46.2.5 Strengths and Weaknesses of VAS

46.2.6 Roles for Vulnerability Assessment in System Security Management

46.3 PENETRATION TESTING

46.3.1 Penetration Test Goals

46.3.2 Attributes of Penetration Testing

46.3.3 Social Engineering

46.3.4 Managing Penetration Testing

46.4 FURTHER READING

46.5 NOTES

46.1 SCOREKEEPER OF SECURITY MANAGEMENT

Information security has, over time, evolved from a collection of esoteric security issues and technical remedies to its current state, in which it is more tightly integrated with the area of enterprise risk management. One effect of this move from technology to management discipline is the growth in the deployment and use of vulnerability management (and its primary technical constituent, vulnerability assessment [VA]) systems. These systems are considered fundamental to modern information security practice and have matured in architecture, features, and interfaces to accommodate the changing landscape of modern enterprises.

46.1.1 What Is Vulnerability Management? ...
