all InfoSec news
Vulnerability Management - Risk Registry? - How to stop repeating resolution and repetitive work related to mitigated vulnerabilities that appear on every scan run?
May 10, 2023, 9:57 p.m. | /u/ilikedevops
cybersecurity www.reddit.com
What do folks use to track external vulnerabilities through to resolution? Our SOC2 Auditing partner suggests using a "risk registry" which can be created in Jira or something similar. This seems like a very manual process to me as some vulnerabilities will continue to appear by scans even though they have been mitigated.
We are currently using Alert Logic's PCI scanning functionality to scan our Internet facing surface but I don't see a way to track vulnerabilities in their …
auditing cybersecurity external jira management partner registry resolution risk run scan soc2 vulnerabilities vulnerability vulnerability management work
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Intern, Cyber Security Vulnerability Management
@ Grab | Petaling Jaya, Malaysia
Compliance - Global Privacy Office - Associate - Bengaluru
@ Goldman Sachs | Bengaluru, Karnataka, India
Cyber Security Engineer (m/w/d) Operational Technology
@ MAN Energy Solutions | Oberhausen, DE, 46145
Armed Security Officer - Hospital
@ Allied Universal | Sun Valley, CA, United States
Governance, Risk and Compliance Officer (Africa)
@ dLocal | Lagos (Remote)
Junior Cloud DevSecOps Network Engineer
@ Accenture Federal Services | Arlington, VA