Vulnerability Management

Leave No Security Holes in the

Enterprise Infrastructure

The Program

The aim of the program is not to just remediate vulnerabilities but to build resilience which can only be achieved with FnCyber vulnerability management solution mandates a strategy and advocates complete review of all the policies pertaining to Asset Provisioning and Deprovisioning, Change Control, Configurations and Exceptions. Thus, creating a repeatable lifecycle with identification, evaluation of vulnerabilities; establish priorities and remediate both internal and external vulnerabilities based on effort and risk. Upon maturity, the program transforms into Preventive Maintenance promoting Cybersecurity right from the Systems Design phase via Service Asset Configuration Management Baselines.

the program
the approach

The Approach

FnCyber’s Vulnerability Management takes a schematic approach; a schema with discovery, evaluation of assets and network configurations which reveal a great deal of technology landscape; when combined with risk rating along with the worth of business revenue being processed by the assets; categorizes inventory into critical / non-critical and approved / unapproved. Guided by the Principles of Security in Design and Configurations, inventory categories are reviewed with business and service owners to draft FnCyber Preventive Maintenance Charter which cures system vulnerabilities even before discovered by any vulnerability scanner.

The Program takes into account a Patch Management Policy derived with a mandate on Testing & Release of patches, Configuration versions, Backup & Restore and Auditability of Change Tasks. The status of vulnerabilities and preventive maintenance are constantly communicated to the respective business owners to ensure seamless remediation with minimum or no service disruption. Depending upon the organizations exposure to the public internet; a strategy needs to be devised explicitly for both internal and external vulnerability management to adopt and exercise appropriate risk mitigation techniques.

The Phases

1
VM Strategy, Asset Discovery & Baseline
2
Preventive Maintenance Charter
3
Assess, Prioritize, Remediate
4
Verify, Report, Review & Monitor
FnCyber has learnt from The Center for Internet Security [CIS] with a prescription of 20 tried and tested defensive controls which have been proven across Industries; 5 of which can effectively prevent 80% of the attacks; and organizations will transform to become super resilient if all 20 are adopted.
Build Cyber Resilient organizations with a combination of Cybersecurity and ITIL Best Practices.
Cybersecurity is best when seeded into Business Functions. FnCyber assures you Direct and Uncomplicated Cybersecurity Consulting.

Contact Us

Get in Touch

mail
one@fncyber.com
location
2069386 Alberta Inc, 48 Martinbrook Link NE, Calgary, Alberta-T3J 3N9 Canada

Follow us on Social Media

linkedin
@fncyber
twitter
@FnCyberSecurity