ARCHIVE
ID Number: G00140873



This research is provided for historical perspective;
portions of this document may not reflect current conditions.





Hype Cycle for Vulnerability Management, 2006
6 July 2006
 
Amrit T. Williams   Mark Nicolett   Neil MacDonald   Paul E. Proctor   Kelly M. Kavanagh   John Pescatore   Joseph Feiman   Tom Scholtz   Rich Mogull  

A changing vulnerability and threat landscape and continuing requirements for compliance-related initiatives are driving vulnerability management programs to expand. Vulnerability management consists of a combination of technologies and processes to improve security posture.




Price: US$495.00

Pages: 21











Contact Gartner





Purchasing this document is fast, easy and secure, but you must be registered with gartner.com so we can track your order. Please select your status from these three choices:
Registration is required to purchase this document.
Or, you can register for gartner.com only.
 You or your organization may already own this document. Register now to find out. Your Gartner Membership Administrator can supply the needed License Key(s).
You will not lose your document during registration.
Sign in here:
Username:

Password:
Forgot your username
or password?







For more information about purchasing this or other documents, contact Gartner at one of the telephone numbers below:
North America:    +1 203-316-3010 7:30 am - 8:00 pm Stamford, CT
Europe:    +44 1784 267770 9:00 am - 5:00 pm London
Asia/Pacific:    +65 6879 2785 9:00 am - 6:00 pm Singapore
Japan:    +81 3 3481 3552 9:00 am - 5:30 pm Tokyo

This document is not available as part of your current Gartner subscription. For pricing and availability of the full document, please contact your Gartner account representative. Your account representative can also give you more information about your current subscription and other access options that may be available to you. If you do not have a Gartner account representative, call +1 203 316 1200 for assistance.

Table of Contents

Contents
  • Analysis
    • 1.0 What You Need to Know
    • 2.0 The Hype Cycle
    • 3.0 The Priority Matrix
    • 4.0 On the Rise
      • 4.1 Automated Penetration Testing Tools
      • 4.2 IT Security Policy Management
      • 4.3 SDLC Security Methodologies
      • 4.4 SIM Managed Services
      • 4.5 Source Code Security Scanners
      • 4.6 Risk Rating
      • 4.7 Network Behavior Analysis
      • 4.8 Web Application Vulnerability Scanners
    • 5.0 At the Peak
      • 5.1 Database Vulnerability Scanners
      • 5.2 Passive Network Vulnerability Assessment
      • 5.3 NAC-Enabled Vulnerability Assessment
    • 6.0 Sliding Into the Trough
      • 6.1 SIEM (Information Management)
      • 6.2 Threat Intelligence
      • 6.3 Vulnerability Assessment Managed Services
      • 6.4 Patch Management
    • 7.0 Climbing the Slope
      • 7.1 SIEM (Event Management)
      • 7.2 Host/Agent Vulnerability Assessment
      • 7.3 Network Vulnerability Assessment Scanning
      • 7.4 Security Configuration Management
      • 7.5 SEM Managed Services
    • 8.0 Appendices
      • 8.1 Previous Iteration of the Hype Cycle
      • 8.2 Hype Cycle Phases, Benefit Ratings and Maturity Levels
  • Recommended Reading
Tables
Table 1.
Hype Cycle Phases
Table 2.
Benefit Ratings
Table 3.
Maturity Levels
Figures
Figure 1.
Hype Cycle for Vulnerability Management, 2006
Figure 2.
Priority Matrix for Vulnerability Management, 2006
Figure 3.
For Reference: Hype Cycle for Vulnerability Management, 2005




© 2006 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.




Resource Id: 493574