Términos\Gestión de vulnerabilidades

Gestión de vulnerabilidades


·         Vulnerabilidad

·         Evaluación de vulnerabilidad

·         Escáner de vulnerabilidades

·         Análisis de vulnerabilidades


Proceso proactivo de seguridad consistente en identificar vulnerabilidades y reducirlas antes de que sean causa de un incidente de seguridad.


Vulnerability management is a pro-active approach to managing network security. It includes processes for:

·         Checking for vulnerabilities: This process should include regular network scanning, firewall logging, penetration testing or use of an automated tool like a vulnerability scanner.

·         Identifying vulnerabilities: This involves analyzing network scans and pen test results, firewall logs or vulnerability scan results to find anomalies that suggest a malware attack or other malicious event has taken advantage of a security vulnerability, or could possibly do so.

·         Verifying vulnerabilities: This process includes ascertaining whether the identified vulnerabilities could actually be exploited on servers, applications, networks or other systems. This also includes classifying the severity of a vulnerability and the level of risk it presents to the organization.

·         Mitigating vulnerabilities: This is the process of figuring out how to prevent vulnerabilities from being exploited before a patch is available, or in the event that there is no patch. It can involve taking the affected part of the system off-line (if it's non-critical), or various other work-arounds.

·         Patching vulnerabilities: This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing,

