| Vulnerability management is a pro-active approach to managing network security by reducing the likelihood that flaws in code or design could compromise the security of an endpoint or network. A vulnerability, also known as a security hole, is a weak point that an intruder could exploit to gain access to system resources for data theft or malicious purposes. The essential elements of vulnerability management include detection, assessment and remediation. Vulnerability management processes include: Checking for vulnerabilities - This process should include regular network scanning, firewall logging, penetration testing or use of an automated tool like a vulnerability scanner. Identifying vulnerabilities - This involves analyzing network scans and pen test results, firewall logs or vulnerability scan results to find anomalies that suggest a malware attack or other malicious event has taken advantage of a security vulnerability, or could do so. Verifying vulnerabilities - This process includes ascertaining whether the identified vulnerabilities could be exploited on servers, applications, networks or other systems. This also includes classifying the severity of a vulnerability and the level of risk it presents to the organization. Mitigating vulnerabilities - This is the process of figuring out how to prevent vulnerabilities from being exploited before a patch is available, or if there is no patch. It can involve taking the affected part of the system off-line (if it's non-critical), or various other workarounds. Patching vulnerabilities - This is the process of getting patches -- usually from the vendors of the affected software or hardware -- and applying them to all the affected areas in a timely way. This is sometimes an automated process, done with patch management tools. This step also includes patch testing. Because the nature of threats is constantly evolving, vulnerability management planning strategies must frequently be updated to ensure they remain effective in a changing threat landscape. An important feature of vulnerability management tools is automated trouble ticket and workflow creation, which ensure appropriate personnel is notified of critical vulnerabilities. |
No comments:
Post a Comment