Manage Learn to apply best practices and optimize your operations.

The best vulnerability management tools

Learn how to evaluate and use the best vulnerability management tools when assessing your customer's network.

Numerous tools are available to assist with vulnerability management. However, determining which tool(s) to leverage is not easy, because no one product can address all of the aspects of vulnerability management, as we discussed in Chapter 7. Therefore, when deciding which vulnerability management tool(s) to use, it's important that you understand each tool's capabilities, and how the available tools work with each other. In this chapter, we will discuss what to look for when evaluating vulnerability management tools, as well as discuss some of the more popular commercial and open source tools available today.

 

The perfect tool in a perfect world

To determine what to look for in a vulnerability management tool it helps to think about what the perfect tool would offer. The perfect vulnerability management tool would include capabilities for asset management, vulnerability assessment, configuration management, patch management, remediation, reporting, and monitoring, all working well together, and it would integrate well with third-party technologies.

Ideally, the tool's asset management, vulnerability management and patch management capabilities would work particularly well together, for three reasons. First, asset management represents the foundation of a vulnerability management program. Without a complete and up-to-date asset inventory, your vulnerability management program will be only marginally effective. Therefore, it's critical that your tools leverage this repository for the list of assets represented within your environment.

More on vulnerability management strategies

Vulnerability management quiz

Building a vulnerability management lifecycle program

Vulnerabilities in the context of the IT landscape

Second, you're developing a vulnerability management program, so it would be nice if your vulnerability management tools and auxiliary tools could communicate with one another. A primary example is in your vulnerability assessment (VA) scanner leveraging the asset database to obtain the list of devices that are present within your environment. From that list, the VA scanner knows which assets to assess for security liabilities. VA tools are also helpful in developing system configuration baselines within your environment. You can use these baselines later to identify possible weaknesses and points of exposure within your infrastructure.

And third, patching and configuration management are key elements of the remediation process and, more important, of your vulnerability management plan. Understanding which systems are patched, along with their respective configurations, is one thing; but having this information populated within your asset database and being able to extract this data and use it to make informed security decisions is a capability which all security practitioners wish they had.


Vulnerability management tools
Infosec mailing lists, tools and information chart  Home: Introduction
  1: Evaluating vulnerability management tools
  2: Commercial and open source tools
  3: Summary/Fast track

Dig Deeper on Cybersecurity risk assessment and management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

MicroscopeUK

  • Channel roundup: Who's gone where?

    Time for the weekly roundup of personnel moves across the industry with several senior roles being filled in the last seven days

  • Plenty of life in mainframes

    Those assuming that it was time to take the mainframe in the corner out for a long walk of a short pier will be surprised to hear...

  • What to expect in Q4

    AI, contact centres and security are among the areas where the channel might gain in this quarter, according to industry figures

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchDataManagement

SearchBusinessAnalytics

Close