Join Mike Chapple for an in-depth discussion in this video Barriers to vulnerability remediation, part of SSCP Cert Prep: 3 Risk Identification, Monitoring, and Analysis.
- [Instructor] As you work your way through…the vulnerability remediation workflow,…you're going to encounter inhibitors to remediation.…You'll come across people who, for a variety of reasons,…think that addressing vulnerabilities is not…in the organization's best interests.…Let's talk about some of the people that you might encounter…during your remediation efforts, and discuss ways…that you can address the issues that they raise…in a manner that addresses their objections…but still resolves the vulnerability.…Meet Grumpy Gus.…
Gus is a system engineer who has a really cranky attitude.…So much so that no one on the security team…really wants to talk to him, because they know…that Gus will argue with everything they say.…But Gus is also highly skilled.…He's a very knowledgeable engineer, and his primary concern…is keeping his systems up and running.…When you bring Gus a vulnerability,…he might grumble that the vulnerability isn't real,…and that applying the suggested fix would cause…technical issues and degrade functionality for his users.…
- Risk management actions
- Ongoing risk management
- Risk management frameworks
- Scanning for threats and vulnerabilities
- Advanced vulnerability scanning
- Monitoring log files
- Code review and code tests
- Test coverage analysis
Skill Level Intermediate
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover identifying threats, understanding attacks, technology and process remediation, remediating vulnerabilities, and security monitoring. In addition, the following topics were updated: risk management and monitoring log files.
IT Security Careers and Certifications: First Stepswith Marc Menninger2h 6m Appropriate for all
IT Security Foundations: Core Conceptswith Lisa Bock1h 13m Beginner
Insights from a Cybersecurity Professionalwith Mike Chapple32m 15s Appropriate for all
1. Risk Management
2. Threat Modeling
3. Threat Assessment
4. Remediating Vulnerabilites
5. Security Monitoring
6. Software Testing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.