Summary (My notes)#
A series of videos (3 parts) that talk about vulnerability management:
- from finding the context with tools
- leveraging the context for prioritization
- leveraging context to create meaningful and tailored metrics for specifics to owners, systems, applications, by business unit
- churn rate
- mean time to detect - average
- mean time to resolve - average
- agents coverage vs non-agent
- SLA compliance rate
- leveraging context for reporting (tailored) automated.
- exceptions
- vulnerable images
- Contextual Information
- Enterprise assets, cloud assets, and ownership information.
- Leveraging Contextual Information
- Prioritization, Metrics, and Reporting
- Threat intel (internal and external)
- Effective VulnMgmt
- Working Vs Effective
- Mean Time to Detect: Average (vuln pub data - vuln found date)
- Churn rate: Absolute Value (New vuln - Closed vuln @ monthly)
- Re-open rate:
- Averagee Exposure Windows: Average (vuln close date - vuln pub date)
- Overdue: (current date - first discovered) > Policy
- Communication and collaborations
- feedback, tailored report
- Enabling business to deliver mission
- Working Vs Effective
- Comments:
- CMDB is too slow nowadays
- tracking image version, usage, life-span, deployed
- Multiple scanners and automation
- CMDB is too slow nowadays