Vulnerability handling and response Course
2 hours, 10 minutes
Syllabus
Controls
Video - 00:06:00
We can't always fix every flaw in our system, that's simply the nature of softwares and servers. Learn the best methods to standardize our handling and responses to these control systems we can't always protect.
Control functions
Video - 00:06:00
Within the scope of control types exist control functions. These functions help us to determine how to respond to different actions in our system. In this episode, we will discuss these functions in detail.
Patch management
Video - 00:08:00
Learn what is patch management and navigate patching from a cybersecurity viewpoint.
Risk management
Video - 00:07:00
A risk is the possibility that a threat may be realized. Understanding risks and how to stop them from being realized is the basis for hardening IT environments.
Policies and prioritization
Video - 00:15:00
When identifying vulnerabilities, we often need to prioritize certain issues over others. This episode will cover policies and prioritization of these threats to help you spend your time most effectively.
Attack surface management
Video - 00:09:00
Attack surface management takes into account all aspects and ways an attack might threaten our system, whether digitally or physically. Take a comprehensive approach to eliminating as many of these attack vectors as possible.
Secure coding
Video - 00:09:00
Many vulnerabilities we encounter stem from the flaws within the operating system or installed applications. Using tools to find these issues is important but applying patches and making configurations takes priority. From the onset of our practice, secure coding is critical to a secure environment.
Secure software development
Video - 00:06:00
Understand when and where security should be injected into the software development life cycle.
Vulnerability management
Video - 00:18:00
Vulnerability management involves more than just technical knowledge. In this episode, we will cover the physical and business aspects of vulnerability management including reporting assessment results, trends, and other variables to help improve our system's safety.
Compliance reporting
Video - 00:05:00
Every company is different when it comes to compliance reporting but there are many standards throughout the industry that are similar across the board. In this episode, we will discuss compliance reporting and general industry standard practices for our systems.
Action plans
Video - 00:13:00
Learn how to create an action plan for vulnerabilities in your day-to-day cybersecurity job.
Inhibitors to remediation
Video - 00:15:00
You can’t fix every problem. Even if you have identified a control for a vulnerability, one or more inhibitors may prevent you from implementing it.
Key performance indicators
Video - 00:13:00
In this episode, we will discuss reporting work to managers and other technicians using KPIs metrics.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Learn about scholarships and financing with
Award-winning training you can trust
