IDC PlanScape: Vulnerability Management

Publisher IDC
Published Oct 10, 2023
Length 12 Pages
SKU # IDC18252852

Description

This IDC PlanScape provides a step-by-step guide for building, enhancing, and running a vulnerability management capability. While setting up a vulnerability scanner and running scans on the most obvious company systems is relatively easy, doing so to ensure full coverage of the entire IT landscape - and following up to resolve identified vulnerabilities and their root causes - is more difficult, requiring extensive cooperation between business and IT. On top of the complexity of resolving and managing vulnerabilities, a vulnerability management capability needs leadership buy-in for business and IT to provide the right priority and resolve the vulnerabilities (along with other competing priorities).

"The vulnerability management process is critical in identifying and resolving potential vulnerabilities," says Nick Kirtley, adjunct research advisor for IDC's IT Executive Programs (IEP). "The security team, business, and IT must work together to reduce vulnerabilities and manage vulnerability-related risk. This shuts the door to attackers trying to do harm to your business."

Please Note: Extended description available upon request.

Table of Contents

IDC PlanScape Figure
Executive Summary
Why Is Vulnerability Management Important?
Identification of Vulnerabilities
Remediating and Managing Vulnerabilities
Vulnerability Management Highlights the Overall Health of the IT Landscape
What Is Vulnerability Management?
Vulnerability Scanning
Other Methods and Tooling to Identify Vulnerabilities
Managing, Mitigating, and Remediating Vulnerabilities
Vulnerability Severity and Risk
Who Are the Key Stakeholders?
How Can My Organization Take Advantage of Vulnerability Management?
Begin with a Foundational Vulnerability Management Capability
Improve Your Understanding of the IT Landscape
Periodically Monitor Scanning Results
Speak the Language of IT Teams and Business Departments
Improve Cooperation with Other Security Teams and Capabilities
Improve Cooperation with Third-Party IT Service Providers Where Relevant
Reduce Vulnerabilities at Scale Where Possible
Improve Reporting
Improve Vulnerability Remediation Prioritization with Severity Data and Contextual Review
Define Vulnerability Remediation Service-Level Agreements
Improve Vulnerability Detection Methods and Tooling
Increase Scanning Frequency
Advice for Technology Buyers
Initial Activities for Technology and Security Leaders
Advanced Activities for Technology and Security Leaders
Related Research