Optimization of the Security Incident Management plan of NNIT A/s via the Integration of the Vulnerability Reports Creator
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Modern IT companies manage security of their customers'networks following particular models, processes and procedures. In this thesis are presented the most important and widespread guidelines on Security Incident Response Plans as well as the implementation of a software for an IT danish company called NNIT. In particular, this software aims to improve NNIT's Security Incident Management Process generating automatic reports of vulnerabilities found in NNIT clients networks. Enhancing this process reducing its execution time is directly translated into a proactive response where vulnerabilities are tackled and patched before an attacker could exploit them. The software developed and described in this thesis is called VRC and thanks to a particular algorithm analyzes the database of vulnerabilities found by the vulnerability scanner and produces customizable reports. In the reports, the list of vulnerabilities is ordered by severity and number of machines a ected in order to present the most urgent vulnerabilities that should be xed. Finally, an evaluation of the VRC performance and usefulness is also included.
Place, publisher, year, edition, pages
2016. , 58 p.
Vulnerability scanner - Security - NNIT - Incident Management
Electrical Engineering, Electronic Engineering, Information Engineering
IdentifiersURN: urn:nbn:se:kth:diva-190116OAI: oai:DiVA.org:kth-190116DiVA: diva2:951604
Subject / course
Master of Science -Security and Mobile Computing
Hidell, Markus, Associate Professor