Just under the surface of every enterprise network, thousands (and often millions) of vulnerabilities leave an organization’s operating systems, applications, network devices, and other critical IT systems exposed to outside attack. Vulnerability management solutions play a critical role in protecting organizations from attacks by continuously identifying and analyzing risks, helping security teams limit risk exposure by fixing or blocking the gaps with patches, IPS, or other compensating security controls.
Old-school vulnerability scanning processes can prove disruptive and slow, generate huge amounts of irrelevant data, and take months to complete from beginning to end. That inefficiency matters because hackers and cyber criminals only need to find one vulnerability to infiltrate a network. In turn, organizations are faced with having to choose between adding more resources to expand an inefficient process and limiting the scope of vulnerability analysis, which leaves the network at risk of potentially devastating cyber attacks.
As next-generation solutions are setting new standards for coverage, speed, and accuracy of the typical vulnerability management process, security managers need to rethink their network protection. Gidi Cohen, CEO and founder of Skybox Security, shares five questions security managers need to ask themselves when analyzing their current vulnerability management solution.
Question: Are you able to eliminate high-risk vulnerabilities faster than new ones are added?
Answer: If you don’t have the ability to identify vulnerabilities daily and prioritize risks by severity immediately, the time window of risk exposure keeps growing. By the time you get to an important vulnerability, your network may have already been penetrated.
Question: How long does it take to get through a complete cycle?
Answer: Old-school vulnerability management could take up to 30-60 days to scan 50 percent of the network. A next-generation solution should be able to assess vulnerabilities on 90 percent of the network in less than one day, allowing remediation on the most critical risks to start the same business day.
Question: What’s your false positive rate? Double digits or less than 1 percent?
Answer: False positives mean wasted time for IT. If your false positive rate is more than 1 percent, your staff is spending a lot of time separating relevant risks from irrelevant noise.
Question: Have you been banned from scanning parts of the network?
Answer: Many security managers forgo scanning the most critical parts of the network to avoid network disruption. Non-disrupting next-generation techniques can find vulnerabilities without taking down services, allowing security teams to get the information they need and keep the business running smoothly.
Question: If someone asks ‘what are the biggest risks to our network today,’ can you provide a good answer immediately?
Answer: Always be ready to answer the boss. Having up-to-date insight about cybersecurity risks and the ability to report on vulnerability information by business unit and platform type is imperative – plus it will make you look good.