Vulnerability Management: Assessing the Risks with CVSS v3.1
Overview
Prioritize the vulnerabilities in your environment using the Common Vulnerability Scoring System (CVSS). Learn how to apply CVSS scores to effectively assess risk.
Vulnerability management can be difficult, and understanding the risks that vulnerabilities pose in your own environment is key to determining how (and in what order) to tackle them. The Common Vulnerability Scoring System (CVSS) was developed to address this. In this course, explore the essential metrics in the CVSS methodology, as well as how to apply CVSS scores to assess risk and determine what to fix first. Instructor Lora Vaughn takes a deep dive into CVSS version 3.1, examining the characteristics it measures, the scoring formula, and how to apply CVSS scores to your environment. Using practical examples, she covers the three most essential aspects of CVSS: Base, Temporal, and Environmental metrics. Upon wrapping up this course, you'll be equipped with the essential knowledge you need to use CVSS scores to prioritize remediation efforts.
Vulnerability management can be difficult, and understanding the risks that vulnerabilities pose in your own environment is key to determining how (and in what order) to tackle them. The Common Vulnerability Scoring System (CVSS) was developed to address this. In this course, explore the essential metrics in the CVSS methodology, as well as how to apply CVSS scores to assess risk and determine what to fix first. Instructor Lora Vaughn takes a deep dive into CVSS version 3.1, examining the characteristics it measures, the scoring formula, and how to apply CVSS scores to your environment. Using practical examples, she covers the three most essential aspects of CVSS: Base, Temporal, and Environmental metrics. Upon wrapping up this course, you'll be equipped with the essential knowledge you need to use CVSS scores to prioritize remediation efforts.
Syllabus
Introduction
- Welcome to this course
- Case study: Red30 technology
- Vulnerability risk assessment
- Vulnerability types and their causes
- Methods for fixing vulnerabilities
- Common terms in vulnerability management
- Intro to the Common Vulnerability Scoring System (CVSS)
- Core elements of CVSS v3.1
- CVSS v3.1 formula
- Making sense of the CVSS vector string
- The CVSS base metric group
- The attack vector metric
- How attack complexity affects risk
- The effects of the privileges required metric on risk
- User interaction and vulnerability risk
- Confidentiality, integrity, and availability impact metrics
- Security scope in CVSS
- Challenge
- Solution
- How exploit code maturity affects risk
- How remediation level affects risk
- How report confidence affects risk
- Confidentiality, integrity, and availability requirement
- Modified base metrics in CVSS
- Using CVSS scores
- CVSS severity rating scale
- Using CVSS scoring in the enterprise
- Remediating vulnerabilities
- Accepting vulnerability risks
- Challenge
- Solution
- Next steps
Taught by
Lora Vaughn
Related Courses
-
Introduction to Cybersecurity for Business
University of Colorado System
4.0 -
Security Testing: Vulnerability Management with Nessus
-
Performing a Technical Security Audit and Assessment
-
Introduction to Cybersecurity
SecurityScoreCard
-
Ethical Hacking: Penetration Testing
-
Exploiting and Securing Vulnerabilities in Java Applications
University of California, Davis
Reviews
0.0 rating, based on 0 reviews
Never Stop Learning!
