
Why Now Is the Time to Deep Clean Your Network

Jun 16, 2020
Jerry Gamblin

The other weekend, as I was out grocery shopping, I saw my favorite local Mexican restaurant with their doors propped open as they deep cleaned their restaurant. Its staff was preparing for reopening.

It got me thinking. One of the biggest complaints I have had and heard as a security professional is never having the time to do the needed maintenance on systems. This could be one of the few times (hopefully) in our careers that we have time to do a reset.

A big challenge in modern vulnerability management is that there are some assets that we never really get around to maintaining and patching. Wireless networks are ubiquitous. But you can’t patch them if someone is using them, and someone is always using them. 

While we prepare for the future and potentially returning to our offices, here is a list of things you and your teams should look at “deep cleaning”. 

Inventory

One of the most important things you can do is to get a good understanding of what is actually live on your network. For your internal network, I suggest looking at Rumble Network Discovery by HD Moore, and for your external network, look at Intrigue from Jonathan Cran.

Infrastructure Patch and Update

Now is probably a good time to get back to the office before everyone else and update the devices that are always in use or hard to patch when people are in the office. An example list looks like:

  • Firewall and VPN Hardware
  • Wireless Network APs and Controllers
  • Printers & Copiers
  • iLO and Server Firmware
  • Other IoT Devices (Why not patch the coffee machine in the break room?)

Logging

After you get everything patched, it is a good time to review your centralized logging systems and make sure you are getting all the logs you may need. If you don’t have a centralized logging system, I recommend looking at Wazuh, which is based on OSSEC and uses ELK.

Client Security Tools & Settings 

While you are deep cleaning, don’t neglect your client systems.

  • Enable & Update AV
  • Audit & Disable Unneeded Local User Accounts
  • Remove Unneeded Programs
  • Give your Macs and Windows 10 devices a tune-up 

Patch Endpoints

It is also a really good time to think about doing some “deep patching” of your endpoint systems. As pointed out in the recent Kenna Security research, most organizations should spend some time concentrating on patching non-OS software, including Adobe Reader, Flash, and Oracle Java.

Stretch Goals

If you have completed the above, I suggest that you take the time to look at deploying osquery on your network. It is quickly becoming the go-to tool for security professionals in 2020.

It is probably a good time to really understand Zero Trust, and I suggest picking up Zero Trust Networks: Building Secure Systems in Untrusted Networks, which will give you a deep understanding of what Zero Trust is and isn’t.

Regular system maintenance often seems like a pipe dream for us in the security industry, frequently pushed off as we focus our attention on more pressing matters. Now, as systems, applications, and devices potentially go unused, it’s the perfect time to reset. Who knows when you’ll have the chance next?

To hear more about my thoughts on security and vulnerability management in this “new normal,” watch my discussion with Kenna’s very own Head of Research Jonathan Cran and Kyle Ruddock, Cybersecurity Services Manager at CNO Financial Group. 
