A Vulnerability Management Program is an integral part of any security program. It is a proven method of revealing weaknesses in your current security controls so they can be adjusted as needed. Vulnerability management is a continual process that monitors the effectiveness and the efficiency of your organization’s ability to identify, classify, remediate and mitigate vulnerabilities. Without a Vulnerability Management Program, you and your security program could be exposing your organization to threats against your IT Infrastructure and Data.
Watershed’s institutionalized ATM-RC vulnerability management methodology delivers a customer focused solution to securing their information technology components.
- Assessment - Execute inventory of all components and evaluate their current security profile.
- Tracking - Develop and implement a tracking mechanism for critical vulnerability metrics. I.E. - number of vulnerabilities per asset over time.
- Metrics - Identify critical vulnerability management metrics.
- Root Cause Analysis - Implement Root Cause Analysis (RCA) processes to identify the root cause for identified vulnerabilities.
- Closeout - Identify and implement additional IA controls to further protect the enclave.