Trends Report

Operationalizing Application Vulnerability Management

February 29th, 2008
With contributors:
Jonathan Penn , Allison Viglianti

Summary

Criminals want access to your assets, and one of their preferred methods is to exploit vulnerabilities lurking in your applications. To protect your organization's applications and the information assets contained in them, security and risk professionals must mitigate application vulnerabilities before attackers find and exploit them. The current crop of application security products and services helps, but does not provide a complete solution. Moreover, technology alone won't completely solve your problem. Organizations need to consider application vulnerability management (AVM) as an ongoing process, and focus on process improvement. Strategically build your AVM on the foundation of risk management, supplement vulnerability management with an incident response plan, and look to asset and configuration management for complementary capabilities. Tactical considerations include utilizing application firewalls for "right-now" protection, seeking security technologies for next generation applications, and, whenever possible, leveraging services to lower your total cost of ownership (TCO).

Want to read the full report?

This report is available for individual purchase ($1495).

Forrester helps business and technology leaders use customer obsession to accelerate growth. That means empowering you to put the customer at the center of everything you do: your leadership strategy, and operations. Becoming a customer-obsessed organization requires change — it requires being bold. We give business and technology leaders the confidence to put bold into action, shaping and guiding how to navigate today's unprecedented change in order to succeed.