15 lines
635 B
Markdown
15 lines
635 B
Markdown
|
|
# Vulnerability management
|
|
|
|
* identify total asset base (use nmap and see if it matches librenms and resolve any discrepancies)
|
|
* perform scans of total asset base (using openvas/lynis/ossim)
|
|
* manage vulnerability ratings/scope
|
|
* notify/escalate to appropriate contacts
|
|
* address the vulns
|
|
* report metrics (i think the apps provide built in dashboards, may need some light modification)
|
|
|
|
|
|
i think ossim can do all the above ,also lynis/openvas (the three combined should provide complete coverage) (network scan/agent based combination)
|
|
|
|
librenms is our CMDB currently (for identifying assets/contacts). phpipam is our inventory.
|