Practical Vulnerability Management cover

Practical Vulnerability Management

by Andrew Magnusson
September 2020, 279 pp.
Use coupon code PREORDER to get 25% off!


A hands-on guide to improving an organization's computer security and developing scanning tools on a budget.

Practical Vulnerability Management discusses the components of a vulnerability management program and shows you how to build a free or low-cost system to automatically handle the repetitive aspects of vulnerability management. Vulnerability management is a critical and sometimes neglected aspect of information security. It consists of two main parts: awareness and action. First, the security practitioner must be aware of the vulnerabilities that exist in an organization's systems and understand how dangerous each one is. Second, that information must feed into an ongoing process of addressing vulnerabilities by updating the vulnerable systems or otherwise mitigating their severity.

Author Bio 

Andrew Magnusson has been working in the information security field since 2002, in areas ranging from firewall configuration to security consulting to managing SOC2 compliance. As a consultant deploying enterprise vulnerability management tools he has seen how an organization's vulnerability management practices, or lack thereof, affects their overall information security posture.

Table of contents 

Part I: Vulnerability Management Basics
Chapter 1: Basic Concepts
Chapter 2: Sources of Information
Chapter 3: Vulnerability Scanners
Chapter 4: Automating Vulnerability Management
Chapter 5: Vulnerability Management Outcomes
Chapter 6: Vulnerability Management and Organizational Priorities Part II: Hands-On Vulnerability Management
Chapter 7: Setting Up Your Environment
Chapter 8: Using the Data Collection Tools
Chapter 9: Getting Your Data Into a Usable Format
Chapter 10: Maintaining the Database
Chapter 11: Generating Asset and Vulnerability Reports
Chapter 12: Automating Scans and Reporting
Chapter 13: Advanced Reporting
Chapter 14: Advanced Topics
Chapter 15: Conclusion

View the detailed Table of Contents