Implementing a Vulnerability Management Process

by Tom Palmaers
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits threats/vulnerabilities

A vulnerability is defined in the ISO 27002 standard as "A weakness of an asset or group of assets that can be exploited by one or more threats" (International Organization for Standardization, 2005).

https://www.sans.org/reading-room/whitepapers/threats/implementing-vulnerability-management-proce...