Infact, we’ve heard that companies does vulnerability and penetration testing on their corporate infrastructures. 

What do you think of the IT Managers way of handling with these results and/or executive summary

1. Does their any action taken with these results

2. Does the system owners /business owners know how to remediate the fixes/finding available in the VA reports

Most of the companies do not react to any of those reports and still continue to run their infrastructure vulnerable. The prime reason for this is lack of knowledge and discipline

So, What is required to remediate the findings

1. Temporary Project Team

2. Engagement & Operating Model

3. Communication & Status Reporting

4. Creating Risk Aware culture

Do you need help, please write to me

 

Advertisements