One Article Review

Source AlienVault Blog
Identifier 741835
Publication date 2018-07-12 13:00:00 (seen: 2018-07-12 16:01:28)
Title Continuous Information Security Monitoring to Combat Continuous Threats
Text Continuous security monitoring -- a term you’ve heard time and time again. And, while you may be tired of hearing the term, the fact is that continuous monitoring is vital when it comes to mitigating risk, protecting critical assets, and meeting compliance demands. Unfortunately, continuous security monitoring has become more and more of a challenge given that today’s networks no longer have a defined perimeter, but rather ever-evolving and dissolving network boundaries due to the rise of cloud and mobile computing. This growing attack surface is a cyber-criminal’s dream and a network defender’s nightmare. The bad guys only need to find one weak spot, while you’re tasked with defending against all potential weak spots. That’s definitely not a fair playing field. So where do you start? Well, to state the obvious, you can’t monitor what you can’t see, so getting visibility into who and what is connecting to your network is the first step. Automated asset discovery is one of the most essential capabilities for a continuous security monitoring program. But it’s not just knowing which assets are running on your network; you need to know what software and services are installed on them, how they’re configured, and whether there are any vulnerabilities or active threats being executed against them. Constant application updates and changes to application and system configurations can introduce vulnerabilities and leave you susceptible to an attack, even if you are keeping your security controls up to date. This brings us to step two in continuous security monitoring -- continuous vulnerability management. Let me take this opportunity to throw in a frightening stat. According to the National Vulnerability Database (NVD), more than 14,700 vulnerabilities were reported in 2017, doubling that of 2016. Needless to say, vulnerability management is an ongoing process, and therefore by its very nature an essential part of any continuous security monitoring initiative.
Continuous asset discovery and continuous vulnerability management go hand-in-hand. You can’t have one without the other when it comes to implementing a successful continuous security monitoring program. And, while you could leverage two separate tools to perform each of these tasks, why not make your life easier with a single solution that combines these capabilities? Even better, why not leverage a solution that combines all the essential capabilities for continuous security monitoring! AlienVault® Unified Security Management® (USM) gives you the upper hand in detecting and remediating the vulnerabilities in your environment before attackers exploit them. It does so by delivering automated asset discovery and vulnerability scanning as part of a unified platform that also includes intrusion detection, behavioral monitoring, SIEM event correlation, log management, and very importantly, continuously updated threat intelligence. With AlienVault USM, you get crucial real-time visibility into assets on your network, which ones are vulnerable, and where the asset is actually exposed to threats – allowing you to focus on the most important issues first. You'll be able to quickly answer critical and time-sensitive questions, such as: What devices are on my physical and virtual networks? What instances are running in my cloud environments? What vulnerabilities exist on the assets in my cloud and network? Are there known attackers trying to interact with my cloud and network assets? Are there active threats on my cloud and network assets?
Sent Yes
Tags Vulnerability Threat


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from a previous one.