This phase will allow you to develop processes and technologies that will be used to identify your organization's vulnerabilities on an ongoing basis. It includes evaluation of vulnerability scanning tools, penetration tests, third-party vulnerability sources, and security incidents all as ways to identify vulnerabilities.

This phase will take you through the following:
  • Assign responsibility for vulnerability management
  • Review the inventory of assets
  • Define vulnerability management scope and boundary
  • Select and implement a vulnerability scanning tool
  • Evaluate penetration testing
  • Identify third-party vulnerability monitoring
  • Develop incident process vulnerability detection
Use this phase as part of the full blueprint, Design and Implement a Vulnerability Management Program.

Also In

Design and Implement a Vulnerability Management Program

Know what to protect and know when you’re overprotecting.

Related Content


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019