Your boss wants you to draft a two- to three-page vulnerability process and assessment memorandum addressing the main points of a VM process for Mercury USA. You will cover the main elements of a vuln


Your boss wants you to draft a two- to three-page vulnerability process and assessment memorandum addressing the main points of a VM process for Mercury USA. You will cover the main elements of a vulnerability management process, tailored to Mercury USA’s business in the transportation sector, evaluate the OpenVAS scanning tool, and provide recommendations for mitigating the vulnerabilities found within the OpenVAS report.

The third-party pen tester used the free tool Open Vulnerability Assessment Scanner (OpenVAS) to scan Mercury USA’s network. Review the report from the OpenVAS Scan

As you review the scan consider 

Priority

  • Difficulty of implementation
  • Communication/change control
  • Inhibitors to remediation
    • MOUs
    • SLAs
    • Business process interruption
    • Degrading functionality

https://www.dropbox.com/scl/fi/y6cvsgrwoig303rv8kt49/VulnerabilityManagementProcessMemorandumTEMPLATE.docx?rlkey=yqpu0ej98aujs3k2vpglrk3vo&st=1x0uyduk&dl=0

https://www.dropbox.com/scl/fi/ockkttedgzfwqf83datc9/Scan-Report.pdf?rlkey=68sr1q7iim1jc744fowd6momt&st=q2r9sfba&dl=0