Your boss wants you to draft a two- to three-page vulnerability process and assessment memorandum addressing the main points of a VM process for Mercury USA.
Cover the main elements of a vulnerability management process, tailored to Mercury USA’s business in the transportation sector, evaluate the OpenVAS scanning tool, and provide recommendations for mitigating the vulnerabilities found within the OpenVAS report.
The third-party pen tester used the free tool Open Vulnerability Assessment Scanner (OpenVAS) to scan Mercury USA’s network. Review the report from the OpenVAS Scan.
As you review the scan, consider some important points from Lesson 5:
Priority
Difficulty of implementation
Communication/change control
Inhibitors to remediation
MOUs
SLAs
Business process interruption
Degrading functionality