An Insight into Vulnerability Management

June 2, 2009

People tend to underestimate the intricacies involved in a Vulnerability Management program. The traditional approach of ‘Find them – Kill them’ tends to break down when it comes to sweeping through a plethora of servers, platforms and protocols, not to mention end-user systems.

A more effective approach has always been to plan your initial efforts, focus on your primary and secondary assets, and analyze the life cycle of the entire process.

In this article, we’ll discuss some proven methodologies known to efficiently deliver results.

Step 1. Many organizations fail to grasp the essence of vulnerability management (VM) and tend to regard it as a part of the IT administrator’s responsibilities. Though this may be true for smaller organizations (read: very small), any larger organization must have a dedicated team solely responsible for hunting down and patching vulnerabilities.

Step 2. Create an index of all IT assets currently owned by the organization, specifically highlighting systems connected to IP networks. This database will act as your ‘Evaluation Baseline’ that will indicate the patching status of your entire inventory.

Step 3. Vulnerability management is an ongoing process. New vulnerabilities emerge every instant and require continuous monitoring. Similarly, a change in configuration might make a relatively secure system prone to attack.

Step 4. Prioritize patch implementations when it comes to choosing between ease of accessibility and security. Every system can be hardened to become virtually impenetrable, but at the cost of user friendliness.

Step 5. Simulate post-patch scenarios in advance. New patches can sometimes cause unexpected changes in systems, such as conflicts with the system registry and occasional incompatibility issues.

Step 6. Create a database of all patches. Since computers at an organization are perpetually being changed, formatted or simply restored, an archive of all patches helps you quickly patch vulnerable systems without having to search through patch releases for individual software all over again.

Step 7. Automate! Integrate easily available patching solutions or updating utilities at your organization to reduce manual overhead.

Step 8. Never assume. Assumptions in security have taught many professionals expensive lessons. A system isn’t safe unless it has withstood an attack. Make a habit of frequently simulating attack scenarios on systems likely to face rogue traffic; you’ll be surprised at your findings!
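As an added illustration (not part of the original article), the following Python sketch joins the asset index from Step 2 with the patch archive from Step 6 to produce the baseline patch status, listing primary assets first. All host names, products, versions and patch IDs are constructed, and the `Asset`, `missing_patches` and `baseline` names are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Asset:                      # one row of the Step 2 asset index
    host: str
    tier: str                     # "primary" or "secondary"
    software: dict                # product -> installed version tuple
    applied: set = field(default_factory=set)  # patch IDs already installed

# Step 6 patch archive (constructed): product -> [(patch_id, fixed_in_version)]
PATCH_ARCHIVE = {
    "webserver": [("PATCH-0001", (2, 2, 9)), ("PATCH-0007", (2, 2, 11))],
    "mailer": [("PATCH-0003", (8, 14, 3))],
}

# Constructed inventory; hosts, products and versions are hypothetical.
INVENTORY = [
    Asset("ws-014", "secondary", {"webserver": (2, 2, 8), "chatclient": (1, 0, 0)}),
    Asset("web-01", "primary", {"webserver": (2, 2, 9)}, {"PATCH-0001"}),
    Asset("mail-01", "primary", {"mailer": (8, 14, 3), "webserver": (2, 2, 8)}),
]

def missing_patches(asset, archive):
    """Return (missing patch IDs, products the archive knows nothing about)."""
    missing, untracked = [], []
    for product, version in sorted(asset.software.items()):
        if product not in archive:
            untracked.append(product)  # no data is not the same as "patched"
            continue
        for patch_id, fixed_in in archive[product]:
            if version < fixed_in and patch_id not in asset.applied:
                missing.append(patch_id)
    return missing, untracked

def baseline(assets, archive):
    """Patch status for every asset, primary assets and biggest gaps first."""
    rank = {"primary": 0, "secondary": 1}
    rows = [(a.host, a.tier, *missing_patches(a, archive)) for a in assets]
    return sorted(rows, key=lambda r: (rank.get(r[1], 2), -len(r[2]), r[0]))

if __name__ == "__main__":
    for host, tier, missing, untracked in baseline(INVENTORY, PATCH_ARCHIVE):
        print(f"{host:8} {tier:10} missing={missing} untracked={untracked}")
```

Products that appear in the inventory but not in the archive are reported as untracked rather than counted as patched, in keeping with Step 8.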

How good are you at utilizing your Vulnerability Management program?

May 25, 2009

Here is our take on making the most of your vulnerability management system.

Act right away!

As much as people like to document their scan results in reports and refer to them in board presentations, do not lose focus on the primary objective of these results: patch those vulnerabilities NOW. It is unintelligent, to say the least, to have discovered vulnerabilities but to leave the patching for a later date. And speaking of documenting, try to maintain a certain degree of privacy with your vulnerability findings by limiting access to relevant personnel only.

Patching and thinking you are protected?

Patching should only be a part of your defense strategy. Patching generally mitigates risk caused by faulty or sloppy code, which is relatively easy to identify using automated techniques. The trickier aspect of information security involves logical errors, which arise from lapses in the configuration settings and parameters of the myriad devices present on networks.

Protecting yourself from Zero day attacks…

Zero-day attacks are, quite understandably, the worst fear of any security professional. While you cannot predict what the future has in store for your network, there are certain practices that will minimize the potential of your systems being targeted.

- Harden your systems.
- Use antivirus software with heuristic-based protection.
- Deny the irrelevant and only allow least privilege to those you permit.
- Finally, educate users to be wary of unsolicited and suspicious email attachments.

A Vulnerability Management System is only as strong as its policies…

The strongest Vulnerability Management programs are always characterized by their elaborate policies. Policies help you regulate the operational effectiveness of your corporate infrastructure. Policies drive your users to:

- Practice better password conventions.
- Use encryption in official emails.
- Realize that security is everyone’s responsibility.
- Regularize the use of firewalls and antivirus programs.
- Become familiar with the risks associated with social media.
- Ensure the confidentiality of organizational data and prevent instances of data leakage.