top of page

Vulnerability, Threat & Risk (VTR) Management

Residual Risk verses Risk Appetite

If you know your (nominal) threat and risk exposure, you can better identify (risk appetite based) appropriate preventative and detective controls.  This results in a residual risk exposure level which is critical to protecting your business and reputation. 

Engagement scope

  • Gap Analysis & Road mapping

  • Project Management

  • Process design

  • VTR tool customisation

  • VTR Tool training

  • Risk appetite modelling

  • Attack Surface Analysis outputs

  • sSDLC SAST - residual security defects

  • Pen Test Results- residual vulnerabilities

  • Operational / DevOps vulnerabilities

  • Vendor Risk Management (VRM)

bottom of page