Change search
ReferencesLink to record
Permanent link

Direct link
Optimization of the Security Incident Management plan of NNIT A/s via the Integration of the Vulnerability Reports Creator
KTH, School of Information and Communication Technology (ICT).
2016 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Modern IT companies manage security of their customers'networks following particular models, processes and procedures. In this thesis are presented the most important and widespread guidelines on Security Incident Response Plans as well as the implementation of a software for an IT danish company called NNIT. In particular, this software aims to improve NNIT's Security Incident Management Process generating automatic reports of vulnerabilities found in NNIT clients networks. Enhancing this process reducing its execution time is directly translated into a proactive response where vulnerabilities are tackled and patched before an attacker could exploit them. The software developed and described in this thesis is called VRC and thanks to a particular algorithm analyzes the database of vulnerabilities found by the vulnerability scanner and produces customizable reports. In the reports, the list of vulnerabilities is ordered by severity and number of machines a ected in order to present the most urgent vulnerabilities that should be xed. Finally, an evaluation of the VRC performance and usefulness is also included.

Place, publisher, year, edition, pages
2016. , 58 p.
Keyword [en]
Vulnerability scanner - Security - NNIT - Incident Management
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
URN: urn:nbn:se:kth:diva-190116OAI: diva2:951604
Subject / course
Electrical Engineering
Educational program
Master of Science -Security and Mobile Computing
Available from: 2016-08-09 Created: 2016-08-09 Last updated: 2016-08-09Bibliographically approved

Open Access in DiVA

fulltext(2605 kB)8 downloads
File information
File name FULLTEXT01.pdfFile size 2605 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 8 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 1 hits
ReferencesLink to record
Permanent link

Direct link