Vulnerability Management Process
Automated audit and scanning tools, vendor advisories and threat intelligence alerts are all necessary to assure and maintain strong cyber defences. But the significant amount of disparate data generated by them and which requires action and confirmation of implementation can be overwhelming and a source of risk in itself. Many major cyber breaches have been caused by failure to apply patches and updates. But when your vulnerability management process relies on manual systems for oversight and confirmation of application - it's all to easy to miss something. ISM.Connected supports the vulnerability management process by providing a single, unified repository for all vulnerability actions items. The Security Action Log within ISM.Connected creates a central, standardised repository of:
Network security scans (the majority of major scan vendor formats are supported)
Corrective actions uncovered during audit processes
Vendor security advisories
Alerts and notifications from threat intelligence services
All actions in the log can be assigned to individuals or groups for implementation, resolution or evaluation with ongoing automated monitoring and reminders.