Security metrics - how often should we scan?
When vulnerability data is used for pure "situational awareness", it needs to be as up to date as possible. Many organizations have an incident response, security operations or other type of group that monitors security, but has no direct operational roll over the IT or mission critical servers on the network. These organizations need up to date vulnerability information to do their job.
The vulnerability data needs to be very timely and relevant such that it can be readily available to help correlate IDS events, to be fed to a SIM or to be at the fingertips of an incident response team. It also needs to be able to provide executive management visibility into the top security issues facing them.
At the Tenable blog.
[ Read more ]