February 29, 2008

Operationalizing Application Vulnerability Management

by Chenxi Wang, Ph.D.

with Jonathan Penn, Allison Herald

Executive Summary (This is a document excerpt)

Criminals want access to your assets, and one of their preferred methods is to exploit vulnerabilities lurking in your applications. To protect your organization's applications and the information assets contained in them, security and risk professionals must mitigate application vulnerabilities before attackers find and exploit them. The current crop of application security products and services helps, but does not provide a complete solution. Moreover, technology alone won't completely solve your problem. Organizations need to consider application vulnerability management (AVM) as an ongoing process, and focus on process improvement. Strategically build your AVM on the foundation of risk management, supplement vulnerability management with an incident response plan, and look to asset and configuration management for complementary capabilities. Tactical considerations include utilizing application firewalls for "right-now" protection, seeking security technologies for next generation applications, and, whenever possible, leveraging services to lower your total cost of ownership (TCO).

Buy Risk-Free

Download and print PDF immediately. Price: US $1749

Our Money-Back Guarantee: If you are not completely satisfied, return it for a full refund within three weeks of your online purchase.

Already a Forrester Client?
Log in to read this document.