Implementing Vulnerability management in a global industrial company
Saarinen, Lotta (2025)
2025
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2025111027466
https://urn.fi/URN:NBN:fi:amk-2025111027466
Tiivistelmä
This thesis aims to create insights into building vulnerability management services (VMS) into company infrastructures with priority on IT and OT systems. As cyber threats evolve and new vulnerabilities are discovered daily, organizations face pressure to address these weaknesses, mitigate risks, and ensure the integrity of their assets. Vulnerability management is not only critical for maintaining security but also for meeting compliance and legal requirements, protecting organizational reputation, and sustaining operational continuity.
The objective was to implement a vulnerability management tool that includes asset management, network scanning, vulnerability identification and vulnerability prioritizing. When establishing a clear process for vulnerability detection and assessment, companies can take proactive steps to handle threats and improve their security posture.
The topic is first researched by explaining relevant concepts of vulnerability management and comparing various tools to find the best fit for the company’s needs. It then presents a detailed case study using the Tenable One solution, introducing how vulnerability management can be deployed into company environments. The study also highlights practical challenges, reporting of discovered vulnerabilities, and future improvements.
The objective was to implement a vulnerability management tool that includes asset management, network scanning, vulnerability identification and vulnerability prioritizing. When establishing a clear process for vulnerability detection and assessment, companies can take proactive steps to handle threats and improve their security posture.
The topic is first researched by explaining relevant concepts of vulnerability management and comparing various tools to find the best fit for the company’s needs. It then presents a detailed case study using the Tenable One solution, introducing how vulnerability management can be deployed into company environments. The study also highlights practical challenges, reporting of discovered vulnerabilities, and future improvements.