8 Elements of Complete Vulnerability Management - Slide 8

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next 8 Elements of Complete Vulnerability Management-8 Next

Internal and external assessments along with policy scanning are all about giving valuable information to the IT administrator, who can then remediate identified security weaknesses. Some believe that with a patch management solution, there is no need for vulnerability scanning. Patch management is the most common way of fixing identified vulnerabilities, but it isn’t the only way. Identified vulnerabilities may be caused by misconfigurations or the natural outcome of doing business a particular way. Only about half of discovered vulnerabilities can be remediated through a patch management solution. That leaves 50 percent or more vulnerabilities still being a concern for you. Additionally, vulnerabilities may be discovered long before a patch or fix is available. While it may be difficult to protect systems against these 0-Day attacks, knowing they exist offers IT administrators the foreknowledge to add other security layers to protect vulnerable systems.

When using a patch management system, be sure you are updating all operating systems that you use in your network, as well as any third-party applications installed on your systems. Most organizations do a good job of keeping Microsoft operating systems and applications up to date, but don’t fare nearly as well when it comes to Linux, UNIX, Mac, and third-party applications such as Adobe. This is often due to the use of Microsoft’s system update service (SUS), which is the free Microsoft patching program. It only offers updates to Microsoft applications and operating systems and leaves all others exposed and vulnerable to exploit.

Today’s threat landscape offers attackers a much larger selection of attack points in the form of open firewall ports for business traffic, Web or other servers behind the firewall, along with all applications running internally on the network, including PCs and servers. This gives the bad guys a wealth of attack methods to find vulnerabilities in your network. Attackers even have applications that take all the difficulty out of hacking into your network. These programs can be used to run high-speed automated attacks that were unthinkable a few years ago.

External threats are now the minority attack method. Attacks targeting internal systems are more lucrative financially and more effective than external attacks. Spam, phishing, social engineering, malware, Trojans, portable media devices, and other methods are commonly used to compromise systems while completely subverting traditional security solutions such as firewalls, intrusion detection systems, and even previous external vulnerability scans.

Bottom line: It is easy to be a hacker, and hard to stay ahead of them. One silver lining is that many of these attack methods rely on the system being vulnerable in some way. A lot of attacks are looking for weaknesses or misconfigurations in browser and Web applications. Malicious websites, whether used in conjunction with spam, phishing, search engine manipulation or any of several other attack types, often require a vulnerable system in order for the hackers to be successful. Identifying and remediating these vulnerabilities becomes one of the methods we can use to stay ahead of criminals.

Here, Perimeter Chief Architect Kevin Prince offers up eight steps you should take to protect your organization.

You can check out other slideshows from Perimeter: Data Breach Trends of 2009, Tracking Data Breaches by Incident, and Top Security Threats for 2010.

Related Topics : Cyber Crime, Fiber-to-the-Premises, Infrastructure Concerns, Service Level Agreements, Telecommuting

More Slideshows

infra12-190x128 Top Five Vulnerabilities that Enable Phone Fraud

The phone system presents a perfect storm of characteristics, both new and old, that invite malicious abuse. Here are the top five vulnerabilities. ...  More >>

mobile15-190x128 Five Tips to Keep Employees Connected During the Holidays

So how do businesses make sure their employees stay connected during this busy travel time, no matter where they are? ...  More >>

Leadership Scorecard: The Top Six Telecom Vendors

Vendors are evaluated on criteria using actual data and metrics, including direct feedback from buyers, vendor market share, share momentum, financials and solution portfolio. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.