Practical Vulnerability Management · A Strategic Approach to Managing Cyber Risk

*A hands-on guide to improving an organization's computer security and developing scanning tools on a budget.*

Practical Vulnerability Management discusses the components of a vulnerability management program and shows the reader how to build a free or low-cost system to automatically handle the repetitive aspects of vulnerability management. Vulnerability management is a critical and sometimes neglected aspect of information security. It consists of two main parts: awareness and action. First, the security practitioner must be aware of the vulnerabilities that exist in an organization's systems and understand how dangerous each one is. Second, that information must feed into an ongoing process of addressing vulnerabilities by updating the vulnerable systems or otherwise mitigating their severity.