Implementing a Vulnerability Management Lifecycle
42mIntermediate2020-06-18
Authors

Kip Boyle
Founder and CEO of Cyber Risk Opportunities
Course details
In the past several years, a series of devastating cyberattacks have periodically dominated headlines. While each attack affected different industries and governments, they shared the same root cause: unfixed—but publicly known—vulnerabilities. In this course, get a step-by-step process for finding, prioritizing, and mitigating the vulnerabilities in your own computing environment, no matter what technology stack you're running. Instructor Kip Boyle shows how to prepare for and create a robust vulnerability management program, explaining how to set program goals and secure funding by creating a compelling business case. Kip also covers how to conduct weekly vulnerability scans, as well as mitigate any vulnerabilities that crop up. Along the way, Kip shares case studies that illustrate how a real-world organization would approach each step in this process.
Skills covered
Vulnerability ManagementCybersecurityOne-Off
Concepts
0. Introduction
- 01 - Everyone needs a vulnerability management program
- 02 - What you should know
1. Prepare for Vulnerability Management
- 03 - Defining vulnerability management
- 04 - The benefits of vulnerability management
2. Create the Vulnerability Management Program
- 05 - Succeed by setting program goals
- 06 - Make a great business case
- 07 - Assign qualified people
- 08 - Step 1 case study
3. Conduct Weekly Vulnerability Scans
- 09 - Creating the right core process
- 10 - How to discover known vulnerabilities
- 11 - Generating actionable vulnerability reports
- 12 - Validate reported vulnerabilities
- 13 - Step 2 case study
4. Mitigate Found Vulnerabilities
- 14 - How to design effective mitigations
- 15 - How to fix vulnerabilities
- 16 - How to verify mitigation success
- 17 - Step 3 case study
Conclusion
- 18 - Next steps
Related courses
- Implementing the NIST Risk Management Framework (2020)
- Implementing the NIST Risk Management Framework
- Cyber Asset Management: Securing Digital Resources in the Modern Enterprise
- ISC2 Information Systems Security Engineering Professional (ISSEP) Cert Prep
- Implementing Zero Trust for 5G and Open RAN
- CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003): 4 Reporting and Communication
- CompTIA Security+ (SY0-701) Cert Prep: 3 Security Architecture
- CRISC Cert Prep: 2 IT Risk Assessment
Related learn paths
- Become an IT Security Specialist
- Working with Data: Collecting, Processing, and Storing Data for AI
- Introduction to Fundamental Skills for Data Work: Data Management
- Building AI Products: Security Essentials Professional Certificate by LinkedIn Learning
- Prepare for the CompTIA Security+ (SY0-601) Certification Exam
- Prepare for the CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Certification
- Prepare for the CompTIA Security+ (SY0-701) Certification
- Become an Ethical Hacker