Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-40 Version 2.0

Creating a Patch and Vulnerability Management Program

Date Published: November 2005

Supersedes: SP 800-40 (08/01/2002)

Author(s)

Peter Mell (NIST), Tiffany Bergeron (MITRE), David Henning (Hughes Network Systems)

Abstract

Keywords

computer security; security patches; vulnerability management
Control Families

Awareness and Training; Configuration Management; Planning; Risk Assessment;

Documentation

Publication:
SP 800-40 Version 2.0 (DOI)
Local Download

Supplemental Material:
None available