Vulnerability Management Programs
Our company has been using tools to scan our networks for a long time now to identify Vulnerabilities. The program has been working okay but is quite manual in assigning out findings for remediation as we have multiple teams that are responsible for multiple aspects of our environment. With the size of our environment (1000+ servers, 3000+ workstations, plus lots of other random connected devices) it’s become a major effort to identify appropriate owners to resolve issues.
How are others building in automation to their Vulerability management program around assigning findings to owners to remediate and following up on remediation efforts?