Andrew Magnusson has been working in the information security field since 2002, in areas ranging from firewall configuration to security consulting to managing SOC2 compliance. As a consultant deploying enterprise vulnerability management tools he has seen how an organization's vulnerability management practices, or lack thereof, affects their overall information security posture.
An easy read and offers comprehensive solutions to keeping an organization secure and always prepared for possible attacks. --Helga Labus, Help Net Security