One Article Review

Source AlienVault Blog
Identifier 2180823
Publication date 2021-01-13 06:01:00 (seen: 2021-01-13 07:05:28)
Title What is a vulnerability management program and should your business have one?
Text This blog was written by a third party author.

The rapid rate of change in attack methods and techniques in today’s cybersecurity landscape has made keeping an environment secure increasingly difficult, causing many to fall into a dangerous state of simply reacting to current threats. Organizations that are serious about their cybersecurity readiness are proactively looking for the vulnerable applications, operating systems, and platforms within the network environment that cybercriminals would otherwise exploit to gain access, elevate privilege, move laterally, establish persistence, and carry out actions to a malicious end.

One tenet of a comprehensive proactive security strategy is vulnerability management. Vulnerability management is commonly defined as “the practice of identifying, classifying, remediating and mitigating vulnerabilities.” Unlike patching based on security thresholds such as Common Vulnerability Scoring System (CVSS), vulnerability management is a continual process that seeks to intelligently prioritize the response to daily identified vulnerabilities before an attacker attempts to exploit them, keeping the organization as secure as possible.

What is a Vulnerability Management Program?

A Vulnerability Management Program is a risk-based, established, continuous process within the organization designed to identify and remediate vulnerabilities. It leverages a team spanning multiple departments, including security, IT, AppSec, and DevOps; tools such as asset management, vulnerability scanning, and vulnerability assessment solutions; and a means to update the potentially wide range of disparate operating systems, applications, appliances, and devices involved.

The pillars of vulnerability management

A Vulnerability Management Program generally consists of just four basic pillars:

Discovery – An understanding of every potential source of vulnerability, including laptops, desktops, servers, firewalls, networking devices, printers, and more, serves as the foundation for any solid Vulnerability Management Program.

Identification – Using a vulnerability scanning solution, the systems and devices under management are scanned for known vulnerabilities, and the scan findings are correlated with those vulnerabilities.

Reporting / prioritization – This step is a bit more complex than I’m going to cover here. Keeping in mind that you may have thousands of potential vulnerabilities (depending on the size and complexity of your environment), there will no doubt be varying factors that determine which discovered vulnerabilities take priority over others. But in this step, those on the Vulnerability Management Program team will need to assess the identified vulnerabilities and determine priority.

Response / remediation – It should be noted first that the remediation step isn’t always “patch it.” In some cases there isn’t a patch, so the remediation actions rely on some kind of compensating control. Part of the remediation process involves re-testing, whether via another vulnerability scan or a penetration test.

A framework for building a program in-house

Provided you have ample staffing and internal expertise, it is possible to implement a Vulnerability Management Program in-house. As previously implied, it will take a team of people who are responsible for the various parts of the organization that are impacted by both vulnerability scans and the resultant patching and/or remediation. A framework will also take dedicated time to build, test, and adjust to meet your organization’s specific needs.
A myriad of software solutions will be needed (whose list will be influenced by your industry/vertical’s individ
Sent Yes
Tags Vulnerability Patching


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.