Security metrics - how often should we scan?
When vulnerability data is used for pure "situational awareness", it needs to be as up to date as possible. Many organizations have an incident response, security operations or other type of group that monitors security, but has no direct operational roll over the IT or mission critical servers on the network. These organizations need up to date vulnerability information to do their job.
The vulnerability data needs to be very timely and relevant such that it can be readily available to help correlate IDS events, to be fed to a SIM or to be at the fingertips of an incident response team. It also needs to be able to provide executive management visibility into the top security issues facing them.
At the Tenable blog.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.