Fork me on GitHub

TestAndVerification -> Consolidation: Usage of a vulnerability management system

Risk and Opportunity

Risk: Maintenance of false positives in each tool enforces a high workload. In addition a correlation of the same finding from different tools is not possible.
Opportunity: Aggregation of vulnerabilities in one tool reduce the workload to mark false positives.

Usefulness and Requirements of this Activitiy

Usefullness: Low
Required knowledge: Medium (two disciplines)
Required time: Medium
Required resources (systems): Low

Additional Information

Implementation hints:

OWASP SAMM VERSION 2

ISO27001 2017