Vulnerability Management: How to Identify and Remediate Security Risks at UofL

Before You Begin

Ensure you have a valid UofL user account and login credentials.
Review UofL Information Security policies and procedures for vulnerability management requirements.
Identify the systems, devices or applications you are responsible for.

Objective or Task

Learn how to participate in UofL’s vulnerability management program and address security risks in your department or unit.

Instructions

Identify Vulnerabilities

  • Use ITS-approved scanning tools or request a vulnerability scan from ITS Enterprise Security.
  • Review scan results for misconfigurations, outdated software, insecure coding practices and missing patches.

Evaluate and Prioritize Risks

  • Assess the severity and impact of identified vulnerabilities.
  • Prioritize remediation based on risk to university data, systems and compliance requirements.

Remediate Vulnerabilities

  • Apply software updates, patches and configuration changes as recommended.
  • Remove or disable unused services, accounts or applications.
  • Document remediation actions for compliance and reporting.

Report and Monitor

  • Report unresolved or high-risk vulnerabilities to secureit@louisville.edu or the ITS HelpDesk.
  • Participate in ongoing vulnerability management reviews and follow up on remediation status.

Request Vulnerability Management Services

  • To enroll your department or system in the vulnerability management program, fill out the Vulnerability Management Request Form.

Outcome

After completing these steps, you will be able to identify, remediate and report vulnerabilities, helping protect UofL’s data and systems from cyber threats.

Further Readings

  • UofL Security Information

Need Additional Help

• Contact the ITS HelpDesk: Call 502-852-7997 during business hours:

o Monday through Thursday: 6:00am – 10:00pm
o Friday: 6:00am – 5:00pm
o Saturday: 7:00am – 5:00pm
o Sunday: 10:00am – 10:00pm
o University Holidays: 7:00am – 5:00pm
o Closed on Thanksgiving, the day after Thanksgiving, and Christmas.
o If you have an emergency during off hours, call the HelpDesk to be transferred to an on-call technician, or leave your request on voicemail. Your call will be returned the next day starting at 7am unless you specify a time.

 Live Chat: Chat with the ITS HelpDesk at https://apps.louisville.edu/it/livechat/phplive.php during business hours.

• Submit a Ticket: Use the self-service portal at http://service.louisville.edu to log requests or check the status of existing tickets.

• In-Person Support: Visit the iTechConnect 1:1 help located on the lower level of the Miller Information Technology Center, Belknap Campus, during business hours.

Print Article