Vulnerability Management: Assessing the Risks with CVSS, CISA KEV, EPSS, and SSVC
Vulnerability Management: Assessing the Risks with CVSS, CISA KEV, EPSS, and SSVC
.MP4, AVC, 1280x720, 30 fps | English, AAC, 2 Ch | 1h 10m | 137 MB
Instructor: Lora Vaughn
.MP4, AVC, 1280x720, 30 fps | English, AAC, 2 Ch | 1h 10m | 137 MB
Instructor: Lora Vaughn
Vulnerability management is a critical part of an effective information security program, but determining which vulnerabilities to address first is a daunting challenge. In this course, learn how to differentiate between vulnerability severity and vulnerability risk. Discover what elements can be combined to determine vulnerability severity, techniques you can use to determine the risk a vulnerability poses to your specific environment, and things to consider when building a vulnerability management program.
Learning objectives
- Analyze vulnerability characteristics to accurately assess the severity of identified vulnerabilities in information systems.
- Evaluate the interplay between exploitability, severity, and business criticality to determine the risk level of specific vulnerabilities in your organization's environment.
- Differentiate between vulnerability severity and vulnerability risk in the context of an effective vulnerability management program.
- Synthesize various elements to construct a comprehensive method for determining vulnerability severity in diverse information systems.
- Design a structured vulnerability management program that prioritizes addressing critical vulnerabilities based on both severity and organizational risk factors.
Vulnerability Management: Assessing the Risks with CVSS, CISA KEV, EPSS, and SSVC
