Vulnerability Assessment Basic Component

1. Policy definition includes defining the desired state for device configurations, user identity, and resource access.

2. Baseline your environment to identify vulnerabilities and policy compliance.

3. Prioritize mitigation activities based on external threat information, internal security posture, and asset classification.

4. Shield the environment, prior to eliminating the vulnerability, by using desktop and network security tools.

5. Mitigate the vulnerability and eliminate the root causes.

6. Maintain and continually monitor the environment for deviations from policy and to identify new vulnerabilities.