hardening policy and vulnerability management policy
Posted on 2012-03-14
By what names will hardening systems/applications and vulnerability management polcies be referred? Do you have such a policy at your companies or do these areas fit into an over arching policy, are they referred to as something else, or do they fit into the same policy? Do you have a comprehensive list of what security areas are covered by policy, I assume patch management is a 3rd but I guess there will be lots?