Mo’ Vulnerabilities, Mo’ Problems
*This originally appeared as a guest post in the Tripwire – The State of Security blog as Mo’ Vulnerabilities, Mo’ Problems…One Solution.
Security practitioners juggle many tasks, with vulnerability management requiring the most time and effort to manage effectively. Prioritizing vulnerabilities, grouping those vulnerabilities and assets, and assigning them to the appropriate teams takes considerable time using current scanning technology.
The end goal of any successful vulnerability management program is to keep organizational data and assets safe from breaches. Security practitioners must ask themselves: Do I have visibility that my current plan is working? When I am given a small window of time to remediate vulnerabilities, am I targeting the right ones?
Risk I/O’s risk meters use vulnerability data from scanning technologies, such as Tripwire IP360, to monitor any group of assets and vulnerabilities. Instead of trying to fix everything, risk meters shift your strategy towards identifying and remediating the few vulnerabilities that are most likely to cause a breach. Risk I/O takes millions of daily breaches and exploits via threat feeds and makes a comparison to your vulnerability data every 30 minutes. Your monthly scans can be turned into dynamic risk meters to ensure that any vulnerability that has been breached in the wild does not find its way into your environment.
Let’s say that you are a security practitioner that needs to separate your assets and vulnerabilities by five office locations to ensure that the team in each location is keeping up with their required remediation windows. You could create risk meters for each of those locations and monitor the overall health of each environment as a whole.
Now let’s say that you upgraded a large section of your desktops and laptops to Windows 8, and each office location received a portion of these OS upgrades. You can monitor those specific devices separately with their own risk meter. Using the entire list of organizational assets, select just those Windows 8 machines and create a risk meter to ensure that the OS upgrade goes smoothly and to act on any potential threats that arise quickly. Take a look at the video below to learn how risk meters allow you to monitor your assets at a glance in any way you choose.
Companies large and small can use risk meters to validate their remediation efforts and focus on the assets and vulnerabilities that matter most. Attackers target not only the CVSS 9’s and 10’s of the world, but they also target the old and forgotten vulnerabilities that were never remediated. Adding risk meters to your vulnerability management program will provide you with visibility to ensure that you are protecting your organization from the risk of a breach.