In this video, Lora Vaughn McIntosh introduces the acronym DARC. Learn the key elements of a successful vulnerability management program.
- [Instructor] The vulnerability management process is similar to a doctor practicing medicine. Both follow a format I'll call DARC, D-A-R-C. That stands for detect, assess, remediate, confirm. Our bodies, like computer systems, don't always show obvious signs or symptoms of a problem, but if one exists and goes untreated, it could have major repercussions. To make sure that your body is healthy, when you go to the doctor for an annual checkup, she performs an exam and runs a number of diagnostic tests, things like checking blood pressure, reflexes and blood work.
These are to detect a problem. If your blood pressure's a little high, the doctor will assess the problem and the risk that high blood pressure poses to your overall health. Then, she'll determine a treatment plan to remediate or fix the problem. After you've been sent home to follow the treatment plan, she'll ask you to come back in at a later date so that she can confirm that the treatment plan has resolved the issue. Using a very similar process, we can ensure the health of our computers and networks by using the DARC approach, detect, assess, remediate, confirm.
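The DARC cycle described in the transcript, as an added worked example (this is not code from the course or its instructor). It models one pass of detect, assess, remediate, confirm over constructed scanner output: the host names, finding ids, CVSS values, the asset inventory, the compensating control and the vetted false positive are all assumptions made up for illustration. The point it shows that the prose alone does not is that a finding only closes when a re-scan confirms the fix; a fix that did not take lands back in "detected" for the next cycle.

```python
from dataclasses import dataclass

# Constructed sample data: two scans of the same three hosts. Each tuple is
# (host, finding_id, cvss_base_score). Hosts and ids are made up for this example.
FIRST_SCAN = [
    ("web-01", "OPENSSH-OUTDATED", 7.5),
    ("web-01", "TLS-WEAK-CIPHER", 5.3),
    ("db-01", "DBMS-DEFAULT-CREDS", 9.8),
    ("hr-02", "SMB-SIGNING-OFF", 5.4),
]
# Constructed re-scan after the patch window: web-01's SSH was fixed, db-01 was not.
RESCAN = [
    ("web-01", "TLS-WEAK-CIPHER", 5.3),
    ("db-01", "DBMS-DEFAULT-CREDS", 9.8),
    ("hr-02", "SMB-SIGNING-OFF", 5.4),
]
INTERNET_FACING = {"web-01"}                        # assumed asset inventory
COMPENSATING_CONTROLS = {"SMB-SIGNING-OFF": 0.5}    # assumed: segmentation halves this risk
FALSE_POSITIVES = {("web-01", "TLS-WEAK-CIPHER")}   # assumed: analyst vetted this one


@dataclass
class Finding:
    host: str
    finding_id: str
    cvss: float
    status: str = "detected"
    risk: float = 0.0


def detect(scan):
    """D: turn raw scanner output into tracked findings."""
    return [Finding(host, fid, score) for host, fid, score in scan]


def assess(findings):
    """A: vet false positives, then score and rank what is left.

    risk = CVSS x exposure multiplier x compensating-control factor
    (a local priority score, deliberately not clamped to the CVSS 0-10 range).
    """
    for f in findings:
        if (f.host, f.finding_id) in FALSE_POSITIVES:
            f.status = "closed-false-positive"
            continue
        exposure = 1.5 if f.host in INTERNET_FACING else 1.0
        control = COMPENSATING_CONTROLS.get(f.finding_id, 1.0)
        f.risk = round(f.cvss * exposure * control, 2)
        f.status = "assessed"
    return sorted((f for f in findings if f.status == "assessed"),
                  key=lambda f: f.risk, reverse=True)


def remediate(findings, work_done):
    """R: record which findings the fix action claims to have resolved.

    Nothing is closed here; the claim waits for confirmation by re-scan.
    """
    for f in findings:
        if f.status == "assessed" and (f.host, f.finding_id) in work_done:
            f.status = "remediated-unconfirmed"
    return findings


def confirm(findings, rescan):
    """C: only a clean re-scan closes a finding; anything still present is reopened."""
    still_present = {(host, fid) for host, fid, _ in rescan}
    for f in findings:
        if f.status != "remediated-unconfirmed":
            continue
        f.status = "detected" if (f.host, f.finding_id) in still_present else "closed"
    return findings


def run_darc_cycle(scan, work_done, rescan):
    """One full DARC pass; returns the ranked worklist and the final status of every finding."""
    findings = detect(scan)
    ranked = assess(findings)
    remediate(findings, work_done)
    confirm(findings, rescan)
    return ranked, {(f.host, f.finding_id): f.status for f in findings}


if __name__ == "__main__":
    # Constructed patch window: the team reports both high-risk items as fixed.
    claimed_fixed = {("web-01", "OPENSSH-OUTDATED"), ("db-01", "DBMS-DEFAULT-CREDS")}
    ranked, statuses = run_darc_cycle(FIRST_SCAN, claimed_fixed, RESCAN)
    print("Prioritized worklist:")
    for f in ranked:
        print(f"  {f.risk:>6}  {f.host:<7} {f.finding_id}")
    print("Status after confirmation re-scan:")
    for key, status in statuses.items():
        print(f"  {key[0]:<7} {key[1]:<20} {status}")
```

Running it ranks the internet-facing SSH finding above the database default credentials despite the lower CVSS, drops the vetted false positive from the worklist, discounts the SMB finding for its compensating control, closes only the SSH finding, and sends the "fixed" database finding back to detected because the re-scan still sees it.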
- What's a vulnerability and why do they exist?
- Main sources for vulnerability data
- Prioritizing vulnerabilities
- The industry standard for vulnerability risk scoring
- How regulations can impact vulnerability management processes
- How compensating controls affect vulnerabilities
- Vetting false positives
- Confirming remediation
- Building a vulnerability management program