itpro-today_200

Sponsored by:

adaptiva-logo-v4

WEBINAR EXECUTIVE SUMMARY

Vulnerability Management:

It’s So Much More Than Patching

KEY TAKEAWAYS

  • Vulnerability management is a mindset; a continuous process with a detailed focus.
  • Organizations need processes to detect, prioritize, resolve and review threats.
  • Employees need to be a part of the business’s vulnerability management plan.
  • IT teams need to focus on threat actions, points of entry, and frequency in 2019.
  • Adaptiva Evolve VM provides automated next generation vulnerability management.

Security strategy revolves around addressing threats and vulnerabilities, which means ensuring all systems and applications in the production environment are up to date with the proper patches, updates, and system configurations applied.

With so many different systems, technologies, and devices in a single organization, knowing about and remediating every risk is a daunting task.

Vulnerability management processes can help businesses identify and fix high vulnerabilities, but the sheer number of known and yet-to-be-found software issues makes this a daunting, impossible task. Automated solutions, like Adaptiva Evolve VM, allow organizations to quickly identify and resolve issues, decreasing the risk of attack.

Vulnerability management is a mindset: a continuous process with a detailed focus.

Vulnerability management goes beyond just patching operating systems and applications; it’s an enterprise-wide organizational mindset. Because numerous vulnerabilities are released every day, organizations need to have a continuous, detail-focused process to be successful in thwarting threats to their systems.

Watch the webinar to learn more about Vulnerability Management: It’s So Much More Than Patching.

Presenters

click presenter image to see bio

Vulnerability Management: It’s So Much More Than Patching

In our recent webinar, Nick Cavalancia discussed vulnerability management and the standards and processes IT teams can use to develop a vulnerability management mindset within an organization. Dan Richings discussed the benefits of Adaptiva Evolve VM’s automated solution.  Watch the webinar, or download a PDF of the summary.

Several standards already exist that help organizations define vulnerabilities and develop protocols to manage them.

Vulnerability management standards, configurations, and information.

Scanning & Assessing Vulnerabilities

Security content automation protocol (SCAP) is an open standards-based protocol developed by the National Institute of Standards and Technology (NIST). It includes:

  • Management, measurement, and compliance definitions.
  • Common vulnerabilities and exposures (CVE).
  • Common configuration enumeration (CCE) defining common configurations.
  • Common platform enumeration (CPE) defining common platforms.
  • Vulnerability scoring.

Configuration Baseline

Defines the baseline that should be in place and associated benchmarks.

Vulnerability Definitions

Several databases are available that identify and define CVEs along with what needs to be done for remediation.

Vulnerability Compliance

Most compliance standards offer a high level requirement to establish and maintain levels of security. The Payment Card Industry (PCI) standard is more specific and a good starting point for thinking about compliance needs. Section 11 states:

  • All actively and passively detected systems have been scanned in the last 90 days.
  • No systems have exploitable vulnerabilities.
  • No systems have critical vulnerabilities.
  • No systems have high vulnerabilities.

Organizations need processes to detect, prioritize, resolve, and review threats.

Organizations need to develop and follow a vulnerability management process that meets their needs. This includes detecting threats, prioritizing them, deploying resolutions, and reviewing and reporting on outcomes.

Detect
Vulnerabilities using a network-based scan, at least weekly, to look externally. Use agent-based authenticated scans with a dedicated user account to view vulnerabilities from within the operating system.
Prioritize
Issues and vulnerabilities so the riskiest are remediated first.
Deploy
Patches, updates, and configuration changes to the affected operating systems and applications.
Review
The results, comparing scans after the remediation to the previous scan to understand what problems remain.

We’ve got to make sure the organization is as secure as humanly possible all of the time. It’s more of a culture, a mindset. It’s a way of how we’re going to operate.

Nick Cavalancia
Contributor
IT Pro Today

Employees need to be a part of the business’s vulnerability management plan.

Employees across the organization need to understand the importance of vulnerability management and how they can help ensure the business is secure from cyberattacks. Frequent and continuous security awareness training (SAT) helps create a security culture by providing a heightened sense of awareness as well as an understanding of what is important and why.

As part of the training, the security policy and an expectation of employee cooperation with assessment and remediation tasks also need to be communicated to employees.

Employee Security Training Topics

Such as secure and secret passwords that are not shared with others.

Through phishing and other common methods.

How to handle sensitive data.

Such as when a laptop is stolen.

When they occur so they can be responded to immediately.

IT teams need to focus on threat actions, points of entry, and frequency in 2019.

The SANS Institute provides a regularly updated list of the 25 most dangerous software errorsIn March 2019 this list included unsecured computer interactions, system resource problems, and missing defenses.  While that list can help identify the latest hot vulnerabilities, the real focus for IT teams in 2019 is on more general concepts of threat actions and point of entry, as well as frequency.

Vulnerabilities to focus on in 2019.

Threat Actions and Points of Entry

What are the bad actors doing and how do they spread their exploits? What points of entry are most vulnerable to an attack?

  • Email attachments and links, and how to secure the operating system against these threats.
  • Web links, and how to prevent the browser from automatically downloading viral scripts and other items.
  • Microsoft Office and other third-party applications containing malicious items and scripts.

Frequency

How often are vulnerabilities exploited and are scans frequent enough for resolution.

  • Zero day exploits.
  • More frequent scans and remediation.
evolve-vm

Adaptiva Evolve VM provides automated next-generation vulnerability management.

Most organizations cannot keep up with the volume of vulnerabilities, even when using assessment tools. This results in a general philosophy of partial remediation, which can leave them open to attack.

Adaptiva Evolve VM provides an automated, next-generation vulnerability management solution that follows the full cycle of vulnerability management: detection, prioritization, remediation, and review.

Evolve VM resolves vulnerabilities and compliance issues in minutes, rather than the months it can take to detect and remediate security issues. The next generation:

  • Is resolution focused rather than assessment focused, designed for finding and fixing problems as quickly as possible.
  • Is network protective rather than network intensive; the solution uses peer-to-peer powered assessment and remediation to negate network degradation.
  • Triggers remediation automatically rather than waiting on service desk tickets to move through process timelines.
  • Uses self-managed automation instead of manual administration.

Attackers don’t necessarily focus on vulnerability severity when they’re planning an attack. They also have first mover advantage and they don’t hesitate to exploit low criticality vulnerabilities.

Dan Richings
Vice President of Solutions and Support
Adaptiva

The solution includes an interactive dashboard, endpoint compliance and vulnerability checks, and real-time remediation actions.

It also includes a visual workflow designer and engine, allowing IT teams to create custom compliance and security checks, easily integrating with other third-party products.

v-v2

For more information on Adaptiva Vulnerability Management:

Start typing and press Enter to search

Share this on LinkedIn Share this on Twitter