Episode 7

Vulnerability Management – What? When? How?

What qualifies a risk as acceptable or not? When should confirmed vulns be fixed by? Perhaps most distressingly, how do we know when a vulnerability has actually been remediated? Vulnerability Management looks different from business to business, but some things are common musts:

  • A workflow framework that security & dev agree on
  • Live critical finding notifications
  • Active remediation monitoring
  • Visibility throughout ticket lifecycles "from soup to nuts"
Resources

Episode Writeup

Subscribe for updates

Please enter a business email
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Please enter a business email
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.