CSCv6|4.8

Title

Establish a process to risk-rate vulnerabilities based on the exploitability and potential impact of the vulnerability.

Description

Establish a process to risk-rate vulnerabilities based on the exploitability and potential impact of the vulnerability, and segmented by appropriate groups of assets (example, DMZ servers, internal network servers, desktops, laptops). Apply patches for the riskiest vulnerabilities first. A phased rollout can be used to minimize the impact to the organization. Establish expected patching timelines based on the risk rating level.

Reference Item Details

Category: Continuous Vulnerability Assessment and Remediation

Family: System