One Article Review

Source AlienVault Blog
Identifier 513150
Publication date 2018-03-14 13:00:00 (seen: 2018-03-14 13:00:00)
Title Explain Vulnerability Management
Text

All software and hardware has vulnerabilities. So do the non-computing aspects of your organizational security, such as the physical security of your building or how susceptible your employees are to social engineering. Vulnerabilities are everywhere and are in everything. The key to good security is to know how to manage your vulnerabilities. What are they? Where are they? How can they be patched? How can they be mitigated? Which risks are you willing to take?

What is Vulnerability Management?

Vulnerability management is a continuous process of testing, reporting, response, and triage. Bruce Schneier is famous for saying, “Security is a process, not a product.” That very much applies to vulnerability management specifically, as well. You don’t just design systems, configure them, and deploy them. Every day at work you should discover and think about your vulnerabilities and consider how you’ll deal with them.

Two major aspects of your security work will change constantly, whether you like it or not. One is your network and computing infrastructure. New applications will be deployed and patched. New hardware will be introduced. New people will be hired. Policies will be changed. Sometimes regulations change as well.

The second constantly changing aspect is the threat landscape. At least one point of your network will be connected to the public internet, and new malware and cyber attack bots appear all the time. The way they attack and the ways they evade detection will also evolve. New malware can also be introduced to your network through removable media and bring-your-own-devices. There are also social engineering and physical (often building related) attack vectors.

All of those factors evolve and change, and that’s the main reason why vulnerability management must be a continuous process. You will also learn something new every day. If not, you’re doing something wrong.

The Vulnerability Management Process

The first phase of the vulnerability management process is asset discovery. You need to know what’s deployed on your network, which is increasingly difficult with BYOD and lines of business going off and “doing their own thing” outside of IT.

You will learn about vulnerabilities in your network through sources like the CVE security management database, network vulnerability testing, vendor announcements, your logs and your SIEM, reports from your staff, and unfortunately sometimes in the wake of real cyber attacks.

Do make sure you record your vulnerability discoveries in as much detail as possible, and preferably in a way that’s only accessible to the people who need to know about them. Reports should also be organized according to which aspects a vulnerability pertains to, such as an application your network uses, or a physical building vulnerability. Because vulnerabilities pertain to all the aspects and facets of your network, you should have lots of different categories.

Regulations and compliance standards, as well as company policy, must also be considered. Depending on your company, industry, and jurisdiction, there may be specific standards that your vulnerability management reporting must conform to.

Over time, you will inevitably discover and report a lot of vulnerabilities. A good prioritization process will help you triage your vulnerabilities so you can respond to th
Sent Yes


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from an earlier one.