From the course: CSSLP Cert Prep: 7 Software Deployment, Operations, and Maintenance
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Vulnerability management
From the course: CSSLP Cert Prep: 7 Software Deployment, Operations, and Maintenance
Vulnerability management
- [Instructor] In order to detect and address potential weaknesses before the attackers do, you'll want to implement an effective vulnerability management process. You can get ahead of those attackers by learning how to scan, track, and triage vulnerabilities. Earlier in this course, when we discuss post-deployment security testing, we talked about vulnerability scanners. Well, vulnerability scanning is a foundation of vulnerability management. It's not the entire program. Scanning is an important step, but it's only the first one. Like many other aspects of your application security program, vulnerability management is cyclical. You start by scanning for potential weaknesses in every component of your app and app infrastructure. You then validate the accuracy of the scan results as well as the severity of the detected vulnerabilities. Sometimes scanners flag potential vulnerabilities for further investigation. And…