From the course: Vulnerability Management: Assessing the Risks with CVSS, CISA KEV, EPSS, and SSVC
Remediate and confirm vulnerabilities
- [Instructor] After you've assigned vulnerabilities to appropriate teams, we move into the next step in the dark process: remediate. When teams remediate vulnerabilities, they can do so in a number of ways, depending on the specific vulnerability. You'll recall from our first chapter that remediation could mean that you patch, upgrade, reconfigure, or implement compensating controls. If you can't take one of the remediation steps because it's too risky, you might accept the risk. After remediation occurs, it's important that security teams follow up with the last task in the dark process: confirm that the vulnerability is remediated or addressed. After a team remediates a vulnerability, we want to verify that the vulnerability is indeed no longer an issue. For this, another vulnerability scan should be performed, or a scan performed after the remediation should be reviewed before closing the ticket or task. There are several reasons for this. Maybe remediation requires a reboot or…