Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Vulnerability Management: Assessing the Risks with CVSS v3.1

Vulnerability Management: Assessing the Risks with CVSS v3.1

1h 15mIntermediate2020-10-06

Authors

Lora Vaughn

Lora Vaughn

Cybersecurity Executive in Financial Services

Course details

Vulnerability management can be difficult, and understanding the risks that vulnerabilities pose in your own environment is key to determining how (and in what order) to tackle them. The Common Vulnerability Scoring System (CVSS) was developed to address this. In this course, explore the essential metrics in the CVSS methodology, as well as how to apply CVSS scores to assess risk and determine what to fix first. Instructor Lora Vaughn takes a deep dive into CVSS version 3.1, examining the characteristics it measures, the scoring formula, and how to apply CVSS scores to your environment. Using practical examples, she covers the three most essential aspects of CVSS: Base, Temporal, and Environmental metrics. Upon wrapping up this course, you'll be equipped with the essential knowledge you need to use CVSS scores to prioritize remediation efforts.

Skills covered

Security TestingVulnerability ManagementCybersecurityDeep Dive (X:Y)

Concepts

0. Introduction

  • 01 - Welcome to this course
  • 02 - Case study - Red30 technology

1. Vulnerability Basics

  • 03 - Vulnerability risk assessment
  • 04 - Vulnerability types and their causes
  • 05 - Methods for fixing vulnerabilities
  • 06 - Common terms in vulnerability management

2. CVSS Overview

  • 07 - Intro to the Common Vulnerability Scoring System (CVSS)
  • 08 - Core elements of CVSS v3.1
  • 09 - CVSS v3.1 formula
  • 10 - Making sense of the CVSS vector string

3. Base Metric Group

  • 11 - The CVSS base metric group
  • 12 - The attack vector metric
  • 13 - How attack complexity affects risk
  • 14 - The effects of the privileges required metric on risk
  • 15 - User interaction and vulnerability risk
  • 16 - Confidentiality, integrity, and availability impact metrics
  • 17 - Security scope in CVSS
  • 18 - Challenge
  • 19 - Solution

4. Temporal Metrics Group

  • 20 - How exploit code maturity affects risk
  • 21 - How remediation level affects risk
  • 22 - How report confidence affects risk

5. Environment Metrics Group

  • 23 - Confidentiality, integrity, and availability requirement
  • 24 - Modified base metrics in CVSS

6. Putting CVSS into Practice

  • 25 - Using CVSS scores
  • 26 - CVSS severity rating scale
  • 27 - Using CVSS scoring in the enterprise
  • 28 - Remediating vulnerabilities
  • 29 - Accepting vulnerability risks
  • 30 - Challenge
  • 31 - Solution

Conclusion

  • 32 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal