Reducing Attack Surface: SANS’ Second Survey on Continuous Monitoring Programs

by Barbara Filkins
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits critical controls management & leadership

Continuous monitoring is not a single activity. Rather, it is a set of activities, tools and processes (asset and configuration management, host and network inventories, and continuous vulnerability scanning) that must be integrated and automated all the way down to the remediation workflow. Although CM is shifting focus and slowly improving, it still has a way to go to attain the maturity needed to become a critical part of an organization’s business strategy.’-second-survey...