TABLE OF CONTENTS Numerous tools are available to assist with vulnerability management. However, determining which tool(s) to leverage is not easy, because no one product can address all of the aspects of vulnerability management, as we discussed in Chapter 7. Therefore, when deciding which vulnerability management tool(s) to use, it s important that you understand each tool s capabilities, and how the available tools work with each other. In this chapter, we will discuss what to look for when evaluating vulnerability management tools, as well as discuss some of more popular commercial and open source tools available today.
To determine what to look for in a vulnerability management tool it helps to think about what the perfect tool would offer. The perfect vulnerability management tool would include capabilities for asset management, vulnerability assessment, configuration management, patch management, remediation, reporting, and monitoring, all working well together, and it would integrate well with third-party technologies.
Ideally, the tool s asset management, vulnerability management, and patch management capabilities would work particularly well together, for three reasons. First, asset management represents the foundation of a vulnerability management program. Without a complete and up-to-date asset inventory, your vulnerability management program will be only marginally effective. Therefore, it s critical that your tools leverage this repository for the list of assets represented within your environment.
Second, you re developing a vulnerability management program, so it would be nice if your vulnerability management tools and auxiliary tools could communicate with one another. A primary example is in...
