Finding and fixing vulnerabilities in information systems : the vulnerability assessment & mitigation methodology /
Understanding an organization's reliance on information systems and how to mitigate the vulnerabilities of these systems can be an intimidating challenge--especially when considering less well-known weaknesses or even unknown vulnerabilities that have not yet been exploited. The authors, unders...
Saved in:
Online Access: |
Access full-text online via JSTOR |
---|---|
Corporate Author: | |
Other authors / contributors: | |
Imprint: |
Santa Monica, CA :
Rand,
2003.
|
Format: | Electronic |
Language: | English |
Subjects: | |
Series: | Rand note ;
MR-1601-DARPA. |
Table of Contents:
- Introduction
- Concepts and definitions
- VAM methodology and other DoD practices in risk assessment
- Vulnerability attributes of system objects
- Direct and indirect security techniques
- Generating security options for vulnerabilities
- Automating and executing the methodology: a spreadsheet tool
- Next steps and discussion
- Summary and conclusions
- Appendix: Vulnerability to mitigation map values.