If you are done reading my “Vulnerability and Security Configuration Assessment Solutions Comparison”, time to start on the next opus grandioso. My “Vulnerability Management Practices and Vulnerability Assessment Technology” just published. If the first one was about market trends and vendors, this one is a deep-dive into today’s vulnerability assessment (VA) technology. It covers how this technology faces the challenges of today’s security (such as vulnerability and security-relevant configuration assessment of emerging IT environments, etc), how it is architected and – in GREAT depth – how the data is analyzed and prioritized (a much more expanded version of this). The paper also contains a detailed list of VA tool capabilities, that you can use for your tool comparisons.
So, without further ado, please welcome “Vulnerability Management Practices and Vulnerability Assessment Technology” in its entire 56 page glory
Abstract follows below:
“Vulnerability assessment (VA) plays a critical role in enterprise vulnerability management (VM). Tools are only now being expanded to cover in-depth security configuration assessment (SCA), large-scale vulnerability prioritization, and new cloud, mobile, and virtualization environments. This document focuses on today’s VA technology challenges and practices in complex, large-scale IT environments.”
Read Complimentary Relevant Research
How to Evaluate Cloud Service Provider Security
Security and risk management leaders continue to experience challenges to efficiently and reliably determine whether cloud service providers...
View Relevant Webinars
Securing the Internet of Things: An Architectural and Risk-Driven Approach
Security is a top concern and significant inhibitor to Internet of Things (IoT) adoption. In this Webinar, Erik T. Heidt will identify...
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.