The paper addresses the management of assets and vulnerabilities in critical infrastructures, highlighting the classification by criticality and compliance with security policies.
A case study is presented detailing its implementation in Windows and Linux environments.
Vulnerability prioritization strategies using metrics such as CVSS, EPSS and CVSS-BT are explained.
Patching functionalities, compliance with security benchmarks and reporting are also addressed.
Finally, integration with GLPI and SIEM is discussed, and recommendations for scalable and controlled cybersecurity management are offered.