Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-40 Version 2.0

Creating a Patch and Vulnerability Management Program

Date Published: November 2005

Withdrawn: July 22, 2013

Superseded By: SP 800-40 Rev. 3 (July 2013)
Supersedes: SP 800-40 (August 2002)

Author(s)

Peter Mell (NIST), Tiffany Bergeron (MITRE), David Henning (Hughes Network Systems)

Abstract

Keywords

computer security; security patches; vulnerability management
Control Families

Awareness and Training; Configuration Management; Planning; Risk Assessment;

Documentation

Publication:
SP 800-40 Version 2.0 (DOI)
Local Download

Supplemental Material:
None available