Remerciez-le!

Remerciez @Admin pour avoir partagé cet document gratuitement, de la manière la plus simple, en partageant sur les réseaux sociaux.

Vulnerability assessment guide

Gartner Reprint Licensed for Distribution Market Guide for Vulnerability Assessment Published November - ID G - min read By Analysts Craig Lawson Mitchell Schneider Prateek Bhajanka Dale Gardner Security and risk management leaders evaluating VA products and services need to understand the important role they play in risk-based vulnerability management VA identi ?es and assesses vulnerabilities proactively to establish the security and risk posture not just to meet compliance mandates Overview Key Findings ? Vulnerability assessment buyers are shifting from tools that only identify vulnerabilities to those that proactively assess and manage the risks posed by those weaknesses This is primarily being addressed by new vendors o ?ering vendor-agnostic products prompting companies o ?ering solutions to update their o ?erings ? The three VA solutions that dominate the market Qualys Tenable and Rapid are most often shortlisted by Gartner clients ? Vendors in adjacent markets such as endpoint detection and response security information and event management IT systems and con ?guration management are adding VA capabilities ? The assessment of standard IT assets across a network is universally supported by VA vendors Support for less-common technologies ?? such as containers operational technology supervisory control and data acquisition cloud services and mobile ?? varies widely Recommendations Security and risk management leaders responsible for security operations and vulnerability management who are selecting and operating these solutions should ? Evaluate VA solutions ? capabilities for aiding in the prioritization of vulnerabilities and how the assessment phase is performed so they can be more-ef ?ciently managed in the organization ? Assess the work ow enterprise management and third-party technology integrations VA solutions provide with compensating controls These include intrusion prevention systems We use cookies to deliver the best possible experience on our website To learn more visit our Privacy Policy By web application ?rewalls patch management solutions and ticketing systems as well as risk continuing to use this site or closing this box you consent to our use of cookies https www gartner com doc reprints id - XWO AS ct st sb C Gartner Reprint prioritization tools such as vulnerability prioritization tools to support general IT and security operations with better insight and ef ?ciency possibilities ? Select VA solutions with consideration for asset demographics and coverage of emerging technologies and approaches that you are planning to use such as cloud and virtualization DevOps and software containers More than one provider may be required Market De ?nition This document was revised on November The document you are viewing is the corrected version For more information see the Corrections page on gartner com The VA market is made up of vendors that provide capabilities that identify categorize prioritize and orchestrate the remediation or mitigation of vulnerabilities These include unsecured system con ?gurations or missing patches as well as other security-related updates in the systems connected to the enterprise network directly remotely or in the cloud Whether delivered onpremises in the cloud or in virtual environments VA products or services have several common capabilities ?