https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-115.pdf
This NIST Special Publication is a guide to the basic technical aspects of conducting information security assessments.
https://purplesec.us/learn/vulnerability-prioritization/
This article from PurpleSec identifies the importance of prioritizing vulnerabilities.
https://www.sprocketsecurity.com/blog/vulnerability-management-best-practices
This article from Sprocket Security highlights the challenges of vulnerability management and how to establish an effective vulnerability management program.
