Effective Vulnerability Management (eBook)
391 Seiten
John Wiley & Sons (Verlag)
978-1-394-22121-9 (ISBN)
Organizations spend tremendous time and resources addressing vulnerabilities to their technology, software, and organizations. But are those time and resources well spent? Often, the answer is no, because we rely on outdated practices and inefficient, scattershot approaches. Effective Vulnerability Management takes a fresh look at a core component of cybersecurity, revealing the practices, processes, and tools that can enable today's organizations to mitigate risk efficiently and expediently in the era of Cloud, DevSecOps and Zero Trust.
Every organization now relies on third-party software and services, ever-changing cloud technologies, and business practices that introduce tremendous potential for risk, requiring constant vigilance. It's more crucial than ever for organizations to successfully minimize the risk to the rest of the organization's success. This book describes the assessment, planning, monitoring, and resource allocation tasks each company must undertake for successful vulnerability management. And it enables readers to do away with unnecessary steps, streamlining the process of securing organizational data and operations. It also covers key emerging domains such as software supply chain security and human factors in cybersecurity.
* Learn the important difference between asset management, patch management, and vulnerability management and how they need to function cohesively
* Build a real-time understanding of risk through secure configuration and continuous monitoring
* Implement best practices like vulnerability scoring, prioritization and design interactions to reduce risks from human psychology and behaviors
* Discover new types of attacks like vulnerability chaining, and find out how to secure your assets against them
Effective Vulnerability Management is a new and essential volume for executives, risk program leaders, engineers, systems administrators, and anyone involved in managing systems and software in our modern digitally-driven society.
CHRIS HUGHES, M.S., MBA, currently serves as the Co-Founder and President at Aquia and has 20 years of IT/Cybersecurity experience in the public and private sectors. He is also an adjunct professor for M.S. Cybersecurity programs. Chris co-hosts the Resilient Cyber Podcast and also serves as a Cyber Innovation Fellow at CISA. NIKKI ROBINSON, DSc, PhD, is a Security Architect and Professor of Practice at Capitol Technology University. She holds a DSc in Cybersecurity and a PhD in Human Factors.
Foreword .xvii
Introduction xix
1 Asset Management 1
2 Patch Management 29
3 Secure Configuration 53
4 Continuous Vulnerability Management 69
5 Vulnerability Scoring and Software Identification 79
6 Vulnerability and Exploit Database Management 115
7 Vulnerability Chaining 125
8 Vulnerability Threat Intelligence 145
9 Cloud, DevSecOps, and Software Supply Chain Security 155
10 The Human Element in Vulnerability Management 187
11 Secure-by-Design 207
12 Vulnerability Management Maturity Model 233
Acknowledgments 247
About the Authors 249
About the Technical Editor 251
Index 253
Erscheint lt. Verlag | 22.3.2024 |
---|---|
Sprache | englisch |
Themenwelt | Mathematik / Informatik ► Informatik ► Theorie / Studium |
Schlagworte | Computer Science • Computer Security & Cryptography • Computersicherheit • Computersicherheit u. Kryptographie • cyberattack • cybersecurity • Cybersecurity book • Cybersecurity risk • Cybersicherheit • DevSecOps • Digital risk management • Finance & Investments • Finanz- u. Anlagewesen • Informatik • Information Privacy • Information Security • Insurance & Risk Management • Risk Management • security analysis • security analyst • Software vulnerability • Versicherungswesen u. Risikomanagement • vulnerability management |
ISBN-10 | 1-394-22121-5 / 1394221215 |
ISBN-13 | 978-1-394-22121-9 / 9781394221219 |
Haben Sie eine Frage zum Produkt? |
Größe: 13,3 MB
Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM
Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belletristik und Sachbüchern. Der Fließtext wird dynamisch an die Display- und Schriftgröße angepasst. Auch für mobile Lesegeräte ist EPUB daher gut geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine
Geräteliste und zusätzliche Hinweise
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich