Sunday, December 29, 2019
Interpreting The Results And Remediation - 1512 Words
Interpreting the Results and Remediation

After the vulnerability assessment has taken place, it is time to interpret the results of the scan. This is where the organization finds out what the vulnerabilities of its network are. The vulnerabilities found during the assessment must be categorized; most vulnerability scanners produce reports that list and categorize the threats that were found. This is also called threat modeling, which we will get into in the next section. Once these results are analyzed, the next step is to start remediating the vulnerabilities. Just like any other updates, the remediation of vulnerabilities should be scheduled; change management is a very important part of an organization's IT …

Once the scans are complete and the current vulnerabilities are patched, it is a good idea to implement a regular scanning schedule; once per month is an acceptable frequency to scan the network for new vulnerabilities. Vulnerability assessment is a continuous cycle, because new vulnerabilities are discovered every day, and organizations must stay on top of their game if they want to remain secure. Figure 1 illustrates the continuous cycle of vulnerability assessment.

Modeling and Determining Threats

Threat modeling is a way to categorize threats using a structured approach, so that the threats with the most potential to damage a network are addressed first. An example of a threat model commonly used to rate threats is DREAD; the acronym stands for Damage, Reproducibility, Exploitability, Affected users, and Discoverability. Each of these categories is assigned a value from 0 to 10, with 0 meaning no risk and 10 the most serious risk (OWASP, n.d.). An approach such as this helps an organization determine the importance and priority of the threats on its network. Another commonly used threat model is STRIDE, as seen in Table 2.
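As an added example (not part of the original essay), the following Python helper scores scan findings with the five DREAD categories described above and orders them into a remediation priority list. The 0-10 range per category comes from the text; aggregating the five scores by their arithmetic mean is an assumption, and the sample findings are constructed for illustration.

```python
from dataclasses import dataclass

# The five DREAD categories, each scored 0 (no risk) to 10 (most serious).
DREAD_CATEGORIES = ("damage", "reproducibility", "exploitability",
                    "affected_users", "discoverability")


@dataclass(frozen=True)
class Finding:
    """One vulnerability from a scan report together with its DREAD scores."""
    name: str
    damage: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self) -> None:
        # Reject values outside the 0-10 range so a typo in the report
        # cannot silently push a finding up or down the priority list.
        for cat in DREAD_CATEGORIES:
            value = getattr(self, cat)
            if not isinstance(value, int) or not 0 <= value <= 10:
                raise ValueError(f"{self.name}: {cat} must be an integer 0-10, got {value!r}")


def dread_rating(finding: Finding) -> float:
    """Overall rating as the mean of the five category scores (assumed aggregation rule)."""
    return sum(getattr(finding, cat) for cat in DREAD_CATEGORIES) / len(DREAD_CATEGORIES)


def prioritize(findings: list[Finding]) -> list[tuple[str, float]]:
    """Return (name, rating) pairs from most to least serious; ties broken by name for stable output."""
    ranked = sorted(findings, key=lambda f: (-dread_rating(f), f.name))
    return [(f.name, dread_rating(f)) for f in ranked]


# Constructed sample findings (not from any real scan) to exercise the ranking.
SAMPLE_FINDINGS = [
    Finding("outdated TLS configuration", 4, 9, 5, 6, 8),
    Finding("default credentials on management interface", 9, 10, 9, 8, 7),
    Finding("verbose error page", 2, 10, 3, 4, 9),
]

if __name__ == "__main__":
    for name, rating in prioritize(SAMPLE_FINDINGS):
        print(f"{rating:4.1f}  {name}")
```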
The following sections will walk through the entire process of threat modeling.

Identifying Assets

To model threats, the organization will need to identify its assets. The assets will typically be critical