Automation of information security vulnerability management processes
DOI: 10.31673/2409-7292.2022.040008
DOI:
https://doi.org/10.31673/2409-7292.2022.040008Abstract
The article discusses an example of automation of IS vulnerability and risk management processes. The main requirements for the automation system and its tasks are defined. The most popular methods of risk management were considered and the impact of automation tools on management methods was checked. The possibilities of the proposed automation toolkit were considered, and recommendations were offered regarding its implementation and use.
Keywords: automation, IT risks, vulnerabilities, identification, analysis, assessment, simplification.
Перелік посилань
1. Управление рисками информационой безопасости. Основные понятия и методология оценки рисков. [Електронний ресурс] // - Режим доступу: https://www.securityvision.ru/blog/upravlenie-riskami-informatsionnoybezopasnosti-chast-1-osnovnye-ponyatiya-i-metodologiya-otsenki-ri/ (10.10.2022)
2. ISO/IEC 27001, Information technology – Security techniques – Information security management systems – Requirements.
3. Ю.Р. Гарасим, В.А. Ромака, М.М. Рибій. Aналіз процесу управління ризиками інформаційної безпеки в процесі забезпечення властивості живучості систем. [Електронний ресурс] // - Режим доступу: http://ena.lp.edu.ua:8080/bitstream/ntb/23330/1/16-90-99.pdf (10.10.2022)
4. Qualys Cloud Platform. Public Site [Електронний ресурс] // - Режим доступу: https://www.qualys.com/ (10.10.2022).
