In This Chapter

Determining which vulnerabilities to address first

Patching your systems

Looking at security in a new light

After you complete your tests, you want to head down the road to greater security. However, you found some security vulnerabilities — things that need to be addresses. (I hope not too many serious ones, though!) Plugging these security holes before someone exploits them is going to require a little elbow grease. You need to come up with your game plan and decide which security vulnerabilities to address first. A few patches might be in order and possibly even some system hardening. You may need to purchase some new security technologies and might want to reevaluate your network design and security infrastructure as well. I touch on some of the critical areas in this chapter.

Turning Your Reports into Action

It might seem that the security vulnerability to address first would be obvious, but it’s often not very clear. When reviewing the vulnerabilities that you find, consider the following variables:

• How critical the vulnerable system is
• What sensitive information or business processes are at stake
• Whether the vulnerability ...