Our consultants can be engaged to undertake Vulnerability Management as part of a managed service in the following ways:
Consultative. As per the the Vulnerability Management Service above, this is often undertaken as part of our vCISO service.
Security Device Management. It is critical that Security devices such as firewalls, IPS etc are patched in a timely fashion. If a critical patch is released for these devices our client will be notified, whereupon they will make a decision as to whether we patch them immediately or await your next scheduled patching cycle. The patching cycles can be scheduled to match those of the vendors, though most clients opt for monthly. The client will be notified of any patching required so that they can authorise the deployment and any downtime which might be required.
Endpoint Vulnerability Management. Our consultants will provide an agent to be deployed onto each host, these agents provide constant vulnerability assessment of their hosts, roughly every 240 minutes. This is especially important for remote and home working staff who may otherwise go for weeks or even months without being checked. The patching cycle is usually every 4 weeks, though you will be notified of any critical patches. The patches won't be deployed without your authorisation.