Five Ways You Can Make Your Vulnerability Management (VM) Program Smart Now
So you are convinced that you need to adopt a "Smart" Vulnerability Management (VM) approach, but you are not quite sure how to get started or even what to aim for. Here are five important steps you need to take to bring on the "Smart".
Number 1 - Understand Business Goals and Then Automate Ranked Alerts
Yes, take a step back and think holistically about how your business runs and which business processes are most critical to achieving your enterprise goals. Talk to your business line leaders and operational staff. Hit the whiteboard and talk through "what if" scenarios. Rank all of your business concerns as they pertain to potential exposures on your attack surface, so that the same scanner finding on a revenue-critical system outranks it on a low-impact one. Then take on a Smart VM platform that lets you rank and automate each alert type across each IT layer, so you receive automated, business-ranked alerts. This is all done in the set-up stage. This is necessary. It is not sufficient, so read on.
Number 2 - Make Sure It's 100% Accurate
Want to ensure you get zero confidence from your support team when you present alerts? Send them the automated alerts with no validation and let them spend days chasing false positives. You need to get Smart about the burden of noise generated by automated alerts. You need to adopt a platform that integrates security specialists who rule out false positives BEFORE the alerts are presented to operations. In 2022, running your VM program virtually false-positive free is doable. VM with virtually 100% accuracy IS Smart.
Number 3 - Don't Waste Anyone's Time - Give Them the Whole Snapshot and Show Them Clearly What Matters Most
It's easy to follow the typical IT-stack, layered-specialist approach: one automated scanning tool for web applications, one tool for API scanning, one tool for network and devices, and one ad hoc request for a pen test. For the past 10 years, most global enterprises have taken on the layered point-solution approach and then spent mountains of time cobbling together fragmented intelligence reports across the attack surface. In 2022, that is no longer acceptable, nor is it Smart VM. There are full-stack VM platforms that present your security posture in one snapshot. They are pre-built to provide a single source of truth that shows your security team AND your operational support team which issues need resolving now. Can we agree to buck the point-solution tradition and take on Smart full-stack VM now?
Number 4 - Understand Your Operational Support's Daily Workflow (DO NOT INTERRUPT IT) and Become a Part of It
The vernacular of "Smart" typically places a high emphasis on the intelligence a system produces, but when we run a VM program we have a higher standard. We have to make the enterprise itself resilient. We have to continuously ensure that the important vulnerabilities are remediated in a timely manner. The way we do that is to take Smart approaches when integrating with support staff's daily workflow. This can be as simple as asking the support team how they prefer to receive their ticket information for seamless resolution. To achieve that seamless workflow integration in 2022, there are Smart VM platforms that integrate with whatever ticketing system your support team already uses. And, like the alert engine, it's all automated. It's all Smart.
Number 5 - Don't Be an Alert Engine - Be a Remediation Engine
Congrats if you have completed the above four steps. Now here's a challenge. On one side you have continuous, ranked, business-intelligent alerts; on the other side you have IT operational support staff who are not security experts but who are required to remediate the issue. So how do you get security-specialist remediation guidance into the hands of the IT support staff? The good news once again is that there are Smart VM platforms that can integrate security-specialist validation not only to rule out false positives but to provide timely, contextualized guidance on how to resolve the pressing issue at hand. With a Smart approach, that guidance can be integrated into the ticketing system for easy access, or can be just a phone call away for verbal, step-by-step remediation guidance. And you get bonus Smart points when you adopt proactive security-specialist guidance: when bad programming patterns are noted, best-practice guidance is deployed before a vulnerability is actually picked up by a scanner.
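The five steps above describe one pipeline: business-ranked scoring (step 1), specialist validation before anything reaches operations (step 2), one consolidated view across point scanners (step 3), hand-off in the support team's ticket format (step 4), and remediation guidance travelling with the ticket (step 5). The following is an added example, not code from this page or from any VM vendor, that wires those steps together over constructed scanner output. The asset criticality values, the scoring formula, the playbook text, the ticket field names and the sample findings are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Step 1 output: business criticality agreed with line-of-business owners.
# Assumed values for illustration; a real program derives these from the
# "what if" whiteboard sessions the post describes.
ASSET_CRITICALITY = {
    "checkout-web": 5,   # revenue path
    "payments-api": 5,   # revenue path, card data in scope
    "vpn-gateway": 4,    # remote-access choke point
    "intranet-wiki": 2,  # internal, low business impact
}

# Step 5 input: remediation playbook keyed by finding class (assumed text).
PLAYBOOK = {
    "sqli": "Parameterise the query; never concatenate user input into SQL.",
    "missing-auth": "Require an authenticated principal on the route and add an authorisation test.",
    "tls-weak": "Disable TLS 1.0/1.1 and the listed cipher suites, then re-scan.",
    "outdated-cms": "Apply the vendor patch and verify the version banner after restart.",
}


@dataclass
class Finding:
    tool: str              # which point scanner raised it: "web", "api" or "network"
    asset: str
    finding_class: str     # key into PLAYBOOK
    title: str
    severity: float        # scanner severity normalised to 0..10
    internet_exposed: bool


def business_score(f: Finding) -> float:
    """Rank by business impact rather than raw scanner severity (step 1).
    Unknown assets default to criticality 1 so they still surface, just low."""
    criticality = ASSET_CRITICALITY.get(f.asset, 1)
    exposure = 1.5 if f.internet_exposed else 1.0
    return round(f.severity * criticality * exposure, 1)


def build_snapshot(findings, validation):
    """Merge findings from every tool into one ranked view (step 3), showing only
    those a specialist has confirmed (step 2). `validation` maps title -> True/False;
    anything not yet reviewed is held in a queue instead of being sent to operations."""
    confirmed, held, false_positives = [], [], []
    for f in findings:
        verdict = validation.get(f.title)
        if verdict is None:
            held.append(f)
        elif verdict:
            confirmed.append(f)
        else:
            false_positives.append(f)
    confirmed.sort(key=business_score, reverse=True)
    return confirmed, held, false_positives


def to_ticket(f: Finding) -> dict:
    """Shape a confirmed finding for the support team's ticketing system (step 4),
    carrying the remediation guidance with it (step 5). Field names and the
    priority thresholds are assumptions."""
    score = business_score(f)
    priority = "P1" if score >= 50 else "P2" if score >= 20 else "P3"
    return {
        "summary": f"[{f.asset}] {f.title}",
        "priority": priority,
        "business_score": score,
        "source_tool": f.tool,
        "remediation": PLAYBOOK.get(
            f.finding_class, "Escalate to a security specialist for guidance."),
    }


# Constructed output from three separate point scanners (not real scan data).
FINDINGS = [
    Finding("web", "checkout-web", "sqli", "SQL injection in /cart?item=", 9.0, True),
    Finding("web", "intranet-wiki", "outdated-cms", "CMS two releases behind", 7.5, False),
    Finding("api", "payments-api", "missing-auth", "GET /v1/refunds lacks auth", 8.0, True),
    Finding("network", "vpn-gateway", "tls-weak", "TLS 1.0 enabled on :443", 5.0, True),
    Finding("network", "intranet-wiki", "tls-weak", "TLS 1.0 enabled on :8443", 5.0, False),
]

# Constructed specialist verdicts. The CMS finding is a false positive (patch was
# backported, banner unchanged); the wiki TLS finding has not been reviewed yet.
VALIDATION = {
    "SQL injection in /cart?item=": True,
    "GET /v1/refunds lacks auth": True,
    "TLS 1.0 enabled on :443": True,
    "CMS two releases behind": False,
}

if __name__ == "__main__":
    confirmed, held, fps = build_snapshot(FINDINGS, VALIDATION)
    for f in confirmed:
        print(to_ticket(f))
    print(f"held for validation: {len(held)}, false positives: {len(fps)}")
```

The point of the ordering is visible in the output: the internet-facing API with missing authorisation lands in the same P1 band as the SQL injection because both sit on criticality-5 assets, while the same TLS 1.0 finding ranks very differently on the VPN gateway and on the internal wiki. Nothing reaches a ticket without a specialist verdict, which is the gate that keeps operations from chasing noise.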
Be Smart, Be Bold
If you take these five significant steps to Smart VM, you are entitled to walk with a bit of swagger. If you have delivered to your company a proactive, continuous and business-intelligent remediation machine, and you have a resilient enterprise to show for it, your Smart VM program earns you bragging rights. If you don't have your Smart VM swagger yet, let's talk.