Browse Definitions :
Definition

vulnerability and patch management

Vulnerability management is a pro-active approach to managing network security. It includes processes for:

  • Checking for vulnerabilities: This process should include regular network scanning, firewall logging, penetration testing or use of an automated tool like a vulnerability scanner.

  • Identifying vulnerabilities: This involves analyzing network scans and pen test results, firewall logs or vulnerability scan results to find anomalies that suggest a malware attack or other malicious event has taken advantage of a security vulnerability, or could possibly do so.

  • Verifying vulnerabilities: This process includes ascertaining whether the identified vulnerabilities could actually be exploited on servers, applications, networks or other systems. This also includes classifying the severity of a vulnerability and the level of risk it presents to the organization.

  • Mitigating vulnerabilities: This is the process of figuring out how to prevent vulnerabilities from being exploited before a patch is available, or in the event that there is no patch. It can involve taking the affected part of the system off-line (if it's non-critical), or various other work-arounds.

  • Patching vulnerabilities: This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing,

 

This was last updated in November 2010
SearchCompliance
  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

SearchSecurity
  • hacker

    A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.

  • Extensible Authentication Protocol (EAP)

    The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by ...

  • session key

    A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session ...

SearchHealthIT
SearchDisasterRecovery
  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage
  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud testing

    Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

Close