SecurePrevent Vulnerability Management
The vulnerability management challenge
- During 2017 there has been an average of 35 new vulnerabilities released per day!
- During the period of Jan-Aug 2017 this adds up to just over 9,000 new vulnerabilities.
The first step companies need to take to reduce the risk of being breached through these vulnerabilities is to scan for them, to understand which ones are relevant to their business.
This needs to be done continuously, and there needs to be a process in place for what to do with all the data that the vulnerability scanner provides.
Once companies have started to run these scans, they very quickly realize a couple of things:
- There is a massive number of vulnerabilities in their network.
- They do not have enough time, resources or service windows to be able to patch them all.
- The built-in scoring (CVSS) rates a huge number of them as critical, so even limiting patching to critical vulnerabilities does not leave enough time to address them all.
Other challenges with these vulnerability scanning reports are:
- The report is static. What is medium today might be critical tomorrow, based on the changing threat landscape.
- The report does not include any data about the potential threats to a vulnerability, for example known exploits and malware that may have been released to target it.
Gartner summarizes this in a very good way:
Vulnerabilities and their exploitation are still the root cause of most breaches.
IT security leaders should refocus their attention on how vulnerabilities are being managed and should track this metric to provide visibility as to how to reduce the biggest risks of being breached.