Over the past week or so I’ve put up a number of posts with additional information about the Vulnerability Manager, how its internals are structured as well as future plans. This post consolidates all of that information into a single reference with links to the blog posts and the specific related pages on the Vulnerability Manager website.
Topic Area |
Main Web Page |
Blog Post |
Application Portfolio Management |
||
Vulnerability Import and Consolidation |
||
Automatic Virtual Patch Generation |
||
Attack Tracking |
||
Converting Security Vulnerabilities to Software Defects |
||
Team Maturity Evaluation |
I spent most of the week at RSA and had a lot of great conversations with customers and product vendors about the current state of Vulnerability Manager, our plans for the future as well as opportunities for new features and new integrations. People tend to agree that for the application and software security industry to mature we need to move beyond a focus on finding vulnerabilities to a more holistic view of the process of creating and maintaining secure software. Also, having open, standards-based tools available for software security teams will help more organizations get started addressing application security issues.
Please feel free to suggest features or improvements and contact us if you would like help standing up a software security team.
–Dan
dan _at_ denimgroup.com