Vulnerability Management

Leave No Security Holes in the

Enterprise Infrastructure

Group_1183_68dc6b6df2_xwpjwh.png

The Program

The aim of the program is not to just remediate vulnerabilities but to build resilience which can only be achieved with Preventive Maintenance Mechanisms. IT landscape is continuously evolving with systems being constantly upgraded, software flaws being constantly introduced and security gaps are discovered even after years of existence; leverage fnCyber's Best Practice guidance and arrest such Configuration Drifts.

fnCyber vulnerability management solution mandates a strategy and advocates complete review of all the policies pertaining to Asset Provisioning and Deprovisioning, Change Control, Configurations and Exceptions. Thus, creating a repeatable lifecycle with identification, evaluation of vulnerabilities; establish priorities and remediate both internal and external vulnerabilities based on effort and risk. Upon maturity, the program transforms into Preventive Maintenance promoting Cybersecurity right from the Systems Design phase via Service Asset Configuration Management Baselines.

Group_531_73972a450f_ck99lf.png
Group_572_96ac4b57b5_ggukct.png

The Approach

fnCyber’s Vulnerability Management takes a schematic approach; a schema with discovery, evaluation of assets and network configurations which reveal a great deal of technology landscape; when combined with risk rating along with the worth of business revenue being processed by the assets; categorizes inventory into critical / non-critical and approved / unapproved. Guided by the Principles of Security in Design and Configurations, inventory categories are reviewed with business and service owners to draft FnCyber Preventive Maintenance Charter which cures system vulnerabilities even before discovered by any vulnerability scanner.

The Program takes into account a Patch Management Policy derived with a mandate on Testing & Release of patches, Configuration versions, Backup & Restore and Auditability of Change Tasks. The status of vulnerabilities and preventive maintenance are constantly communicated to the respective business owners to ensure seamless remediation with minimum or no service disruption. Depending upon the organizations exposure to the public internet; a strategy needs to be devised explicitly for both internal and external vulnerability management to adopt and exercise appropriate risk mitigation techniques.

The Phases

1
VM Strategy, Asset Discovery & Baseline
2
Preventive Maintenance Charter
3
Assess, Prioritize, Remediate
4
Verify, Report, Review & Monitor

fnCyber has learnt from The Center for Internet Security [CIS] with a prescription of 20 tried and tested defensive controls which have been proven across Industries; 5 of which can effectively prevent 80% of the attacks; and organizations will transform to become super resilient if all 20 are adopted.

Build Cyber Resilient organizations with a combination of Cybersecurity and ITIL Best Practices.

Resources

Cybersecurity is best when seeded into Business Functions. fnCyber™ assures you Direct and Uncomplicated Cybersecurity Consulting.

Contact Us

Get in Touch

mail
one@fncyber.com

Follow us on Social Media

linkedin
@fnCyber
twitter
@fnCyberSecurity

Our Addresses

location
India : Level 1, Salarpuria Knowledge City, InOrbit Mall Road, HITEC City, Hyderabad, Telangana 500081 India
location
Netherlands: 6th Floor, HSD Campus Wilhelmina van Pruisenweg 104 2595 AN Den Haag