I'm pleased to announce our fourth release, the Vulnerability Management Program Pack. The goal of this release is to provide everything you'd need to establish and setup a fully functioning vulnerability management program at your company.

- Robert Auger (@robertauger)

In this pack, we cover:

Vulnerability Level Definitions: This document outlines vulnerability severity levels to help your company consistently evaluate and prioritize discovered issues. It also provides standard remediation SLAs as a baseline for setting remediation expectations.
Vulnerability Reporting Requirements: This document describes the minimal information needed in a vulnerability report to support evaluation and prioritization. It also includes examples of automation that can be used to report vulnerability remediation expectations to risk owners.
Vulnerability Program Preparation Checklist: This checklist provides a step-by-step guide to researching, piloting, testing, and rolling out vulnerability tracking at your company. It also discusses examples of automation for tracking vulnerability ticket health and oversight.
Vulnerability Management Process Diagram: This diagram outlines the various steps to perform when automation runs, ensuring stakeholders are well-supported and ticket health is properly managed. It aligns with the content in the Vulnerability Program Preparation Checklist.
Vulnerability Management Runbook: This runbook contains the steps outlined in the process diagram as a checklist, with a strong focus on ticket health oversight and stakeholder support.
Vulnerability Management Metrics: This document outlines common, baseline metrics for managing vulnerabilities at your company.

Announcement: https://www.sectemplates.com/2024/08/announcing-the-vulnerability-management-program-pack-10.html
Download on Github: https://github.com/securitytemplates/sectemplates/tree/main/vulnerability-management/v1