Document Controls
For Security & Risk Professionals
| Primary Analyst Photo | Document Information | Rate this Document |
|---|---|---|
 |
February 29, 2008 Operationalizing Application Vulnerability Managementwith Jonathan Penn, Allison Viglianti |
Average: 10
(4 ratings)
|
This is an excerpt
Executive Summary
Criminals want access to your assets, and one of their preferred methods is to exploit vulnerabilities lurking in your applications. To protect your organization's applications and the information assets contained in them, security and risk professionals must mitigate application vulnerabilities before attackers find and exploit them. The current crop of application security products and services helps, but does not provide a complete solution. Moreover, technology alone won't completely solve your problem. Organizations need to consider application vulnerability management (AVM) as an ongoing process, and focus on process improvement. Strategically build your AVM on the foundation of risk management, supplement vulnerability management with an incident response plan, and look to asset and configuration management for complementary capabilities. Tactical considerations include utilizing application firewalls for "right-now" protection, seeking security technologies for next generation applications, and, whenever possible, leveraging services to lower your total cost of ownership (TCO).
TABLE OF CONTENTS
- The Changing Market Forces Around Application Vulnerability Management
- Operationalizing AVM
- The Role of Technologies and Services
- Developing A Comprehensive AVM Program
RECOMMENDATIONS
- Strategic And Tactical Steps Towards AVM
- Related Research Documents
This is an excerpt
Buy Risk-Free
Price: US $2495
Our Service Guarantee: If you are not completely satisfied with this document, notify Forrester within 24 hours of purchase for a full refund.
Already a Forrester Client?
Log in to read this document.
