SANS Vulnerability Management Survey 2020

<h2>Vulnerability Identification Does Not Equal Vulnerability Management</h2> <p>Many organizations struggle with evolving their capabilities in identifying vulnerabilities to actually remediating those vulnerabilities. Fixing vulnerabilities is a challenge for many reasons including budget restraints, limited resources, a lack of coordinated efforts between multiple internal groups, and the continuously growing number of new vulnerabilities. </p> <p>To succeed with vulnerability management, a coordinated effort among security, IT, and the business operations groups is essential. Organizations must also identify, acknowledge, and track the barriers that are preventing timely remediation of vulnerabilities. </p> <p>In this survey, David Hazar, SANS analyst and instructor, looked at:</p> <ul> <li>Automated discovery techniques across a variety of asset types</li> <li>Maturity of remediation techniques across a variety of asset types</li> <li>Vulnerability prioritization techniques</li> <li>Remediation deadlines and timelines</li> <li>Roles and responsibilities for vulnerability management tasks</li> </ul> <p><strong>Get the full report to enable your organization to effectively and efficiently remediate vulnerabilities.</strong></p>