Practical Vulnerability Management

Practical Vulnerability Management

A Strategic Approach to Managing Cyber Risk

Andrew Magnusson


  • Description
  • Author
  • Info
  • Reviews


Practical Vulnerability Management shows you how to weed out system security weaknesses and squash cyber threats in their tracks.

Bugs: they're everywhere. Software, firmware, hardware -- they all have them. Bugs even live in the cloud. And when one of these bugs is leveraged to wreak havoc or steal sensitive information, a company's prized technology assets suddenly become serious liabilities.

Fortunately, exploitable security weaknesses are entirely preventable; you just have to find them before the bad guys do. Practical Vulnerability Management will help you achieve this goal on a budget, with a proactive process for detecting bugs and squashing the threat they pose.

The book starts by introducing the practice of vulnerability management, its tools and components, and detailing the ways it improves an enterprise's overall security posture. Then it's time to get your hands dirty! As the content shifts from conceptual to practical, you're guided through creating a vulnerability-management system from the ground up, using open-source software.

Along the way, you'll learn how to:
    Generate accurate and usable vulnerability intelligence
    Scan your networked systems to identify and assess bugs and vulnerabilities
    Prioritize and respond to various security risks
    Automate scans, data analysis, reporting, and other repetitive tasks
    Customize the provided scripts to adapt them to your own needs

Playing whack-a-bug won't cut it against today's advanced adversaries. Use this book to set up, maintain, and enhance an effective vulnerability management system, and ensure your organization is always a step ahead of hacks and attacks.


Andrew Magnusson:
Andrew Magnusson has been working in the information security field since 2002, in areas ranging from firewall configuration to security consulting to managing SOC2 compliance. As a consultant deploying enterprise vulnerability management tools he has seen how an organization's vulnerability management practices, or lack thereof, affects their overall information security posture.