Optimization of the Security Incident Management plan of NNIT A/s via the Integration of the Vulnerability Reports Creator

Abstract: Modern IT companies manage security of their customers'networks following particular models, processes and procedures. In this thesis are presented the most important and widespread guidelines on Security Incident Response Plans as well as the implementation of a software for an IT danish company called NNIT. In particular, this software aims to improve NNIT's Security Incident Management Process generating automatic reports of vulnerabilities found in NNIT clients networks. Enhancing this process reducing its execution time is directly translated into a proactive response where vulnerabilities are tackled and patched before an attacker could exploit them. The software developed and described in this thesis is called VRC and thanks to a particular algorithm analyzes the database of vulnerabilities found by the vulnerability scanner and produces customizable reports. In the reports, the list of vulnerabilities is ordered by severity and number of machines a ected in order to present the most urgent vulnerabilities that should be xed. Finally, an evaluation of the VRC performance and usefulness is also included.