"Vulnerability management is a critical security process; however, many security and risk management leaders have problems optimizing their programs to achieve desired results. SRM leaders should run vulnerability management continuously to reduce the threats against their organizations."
In this report, Gartner provides guidance to help IT and security teams achieve a more effective risk-based vulnerability management program, with recommendations to:
- Discover and classify assets
- Scan for vulnerabilities at the optimal frequency
- Prioritize vulnerability remediation
- Manage exceptions
- Implement actionable metrics