Vulnerability Management in Cybersecurity: The Basics
54mBeginner2025-07-08
Authors

Lora Vaughn
Cybersecurity Executive in Financial Services
Course details
Some people think that vulnerability management just means patching OS systems, but it's so much more than that. Vulnerability management is something every organization needs to address; however, many don't understand the mechanics and breadth of the challenge. This course provides those without prior experience in the area an overview of why vulnerabilities exist, as well as an explanation of the process of managing them from start to finish. Instructor Lora Vaughn McIntosh covers the three key components of vulnerability management and the tools needed to establish a program of your own. Get an introduction to vulnerability scanning and reporting, learn how to identify which vulnerabilities to address first, discover how to vet false positives, and more.
Skills covered
Vulnerability ManagementCybersecurityLearning
Concepts
0. Introduction
- 01 - Managing vulnerabilities
- 02 - The key elements of VM - DARC
1. Detect
- 03 - What is a vulnerability
- 04 - Why do vulnerabilities exist
- 05 - Vulnerability sources
- 06 - Introduction to vulnerability scanning
- 07 - Reporting
2. Assess the Risk
- 08 - Handling all those vulnerabilities
- 09 - CVSS - Industry standard severity algorithm
- 10 - CVSS - Modifying factors
- 11 - Concern - Regulatory requirements
- 12 - Concern - Exposure
- 13 - Risk and compensating controls
3. Resolve and Confirm
- 14 - Introduction to patch and config management tools
- 15 - Vetting false positives
- 16 - Confirm remediation
4. Putting It Together
- 17 - Review DARC
- 18 - Building a program
Conclusion
- 19 - A constant effort
Related courses
- Fine-Tuning LLMs for Cybersecurity: Mistral, Llama, AutoTrain, AutoGen, and LLM Agents
- Microsoft Cybersecurity Architect (SC-100) Cert Prep: 1 Design a Zero Trust Strategy and Architecture
- Microsoft Cybersecurity Architect (SC-100) Cert Prep: 4 Design a Strategy for Data and Applications
- CRISC Cert Prep: The Basics
- Introduction to SecOps on Google Distributed Cloud (GDC) by Google
- Introduction to Offensive Security
- Cisco Certified Support Technician (CCST) Cybersecurity (100-160) Cert Prep
- Cybersecurity Foundations: Security Architecture
Related learn paths
- Become an IT Security Specialist
- Leverage AI as a Cybersecurity Analyst
- Navigating the Cybersecurity Threat Landscape
- CyberOps Associate: Prepare for the Cisco Cybersecurity Operations Fundamentals (200-201 CBROPS) Exam
- Prepare for the ISC2 Systems Security Certified Practitioner (SSCP) Exam
- Become an Ethical Hacker
- Prepare for the CompTIA Security+ (SY0-601) Certification Exam
- Prepare for the CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Certification