Five Ways You Can Make Your Vulnerability Management (VM) Program Smart Now




So you are convinced that you need to adopt a “Smart” Vulnerability Management (VM) approach, but you are not quite sure how to get started or even what to shoot for. Here are Five Very Important Steps you need to take to bring on the “Smart”.


Number 1 - Understand Business Goals and Then Automate Ranked Alerts

Yes, take a step back and think holistically about how your business runs and which business processes are most critical to achieving your enterprise goals. Talk to your business line leaders and operational staff. Hit the whiteboard and talk through “what if” scenarios. Rank all of your business concerns as they pertain to any potential exposures across your attack surface. Then take on a Smart VM Platform that enables you to rank and automate each alert type across each IT layer, so you receive automated, business-ranked alerts. This is all done in the set-up stage. This is necessary. This is not sufficient – read on.


Number 2 - Make Sure It’s 100% Accurate

Want to ensure you get zero confidence from your support team when you present alerts? Send them the automated alerts with no validation and let them spend days chasing false positives. You need to get Smart about the burden of noise generated by automated alerts. You need to adopt a Platform that integrates security specialists who rule out false positives BEFORE alerts are presented. In 2022, running your VM program virtually false-positive free is doable. VM with virtually 100% accuracy IS smart.


Number 3 - Don’t Waste Anyone’s Time – Give them the Whole Snapshot and Show Them Clearly What Matters Most

It’s easy to follow the typical IT stack layered specialist approach. One automated scanning tool for web applications. One tool for API scanning. One tool for network and devices. One ad hoc request for a pen test. For the past 10 years, most global enterprises have taken on the layered point-solution approach and then spent mountains of time cobbling together fractured intelligence reports across the attack surface. In 2022, that is no longer acceptable, nor is it Smart VM. There are full stack VM platforms that present your security posture in one snapshot. They are pre-built to provide one single touchstone of truth that shows your security team AND your operational support team which issues need resolving now. Can we agree to buck the point solution tradition and take on Smart Full Stack VM now?


Number 4 - Understand Your Operational Support’s Daily Workflow (DO NOT INTERRUPT IT) and Become a Part of It

The vernacular of “Smart” typically places a high emphasis on the Intelligence it produces, but when we run a VM Program we have a higher standard. We have to make the enterprise itself resilient. We have to continuously ensure that the important vulnerabilities are remediated in a timely manner. And the way we do that is to take Smart approaches when integrating with support staff’s daily workflow. This can be as simple as asking the support team how they like to take in their ticket information for seamless resolution. To achieve that seamless workflow integration in 2022, there are Smart VM platforms that integrate with whatever system your support team uses. And like the alert engine, it’s all automated. It’s all Smart.


Number 5 - Don’t Be An Alert Engine – Be a Remediation Engine

Congrats if you have completed the above Four Steps. Now here’s a challenge. On the one side you have continuous, ranked, business-intelligent alerts, and on the other side you have IT Operational Support staff who are not security experts but who are required to remediate the issue. So how do you get Security Specialist Remediation guidance into the hands of the IT Support staff? The good news once again is that there are Smart VM Platforms that can integrate Security Specialist Validation not only to rule out false positives but to provide timely, contextualized guidance on how to resolve the pressing issue at hand. With a Smart approach, that guidance can be integrated into the ticketing system for easy access, or can be just a phone call away for verbal, step-by-step, specific remediation guidance. And you get bonus Smart points when you adopt proactive security specialist guidance: bad programming patterns are noted and best practice guidance is deployed before a vulnerability is actually picked up.
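To make Steps 1, 2 and 4 concrete, here is an added example (not code from the original post or any vendor platform) of a minimal alert pipeline: findings are scored by the business criticality of the process they expose, held back until a specialist has validated them, and only then emitted in a ticket-ready form. The business processes, assets, alert types, weights and ticket schema are all constructed for illustration.

```python
"""Business-ranked, validation-gated alert queue (constructed example)."""
from dataclasses import dataclass

# Step 1: criticality of each business process, agreed with business line leaders.
# Constructed values; in practice these come out of the whiteboard sessions.
PROCESS_CRITICALITY = {"payments": 5, "customer-portal": 4, "hr-intranet": 2, "dev-sandbox": 1}

# Each asset sits in one IT layer (web / api / network) and supports one business process.
ASSETS = {
    "pay-api.example.test": ("api", "payments"),
    "www.example.test": ("web", "customer-portal"),
    "hr.example.test": ("web", "hr-intranet"),
    "10.0.9.14": ("network", "dev-sandbox"),
}

# Severity per alert type, set once at set-up time and applied across every layer.
ALERT_SEVERITY = {"sqli": 5, "xss": 3, "open-admin-port": 4, "tls-weak-cipher": 2}


@dataclass
class Finding:
    asset: str
    alert_type: str
    validated: bool            # Step 2: a security specialist has reviewed it
    false_positive: bool = False


def business_rank(f: Finding) -> int:
    """Business criticality of the exposed process times the alert's severity."""
    _layer, process = ASSETS[f.asset]
    return PROCESS_CRITICALITY[process] * ALERT_SEVERITY[f.alert_type]


def ranked_queue(findings):
    """Only validated, non-false-positive findings are presented, highest rank first."""
    live = [f for f in findings if f.validated and not f.false_positive]
    return sorted(live, key=business_rank, reverse=True)


def to_ticket(f: Finding) -> dict:
    """Step 4: the fields a support ticketing system would ingest (constructed schema)."""
    layer, process = ASSETS[f.asset]
    return {"title": f"[{process}] {f.alert_type} on {f.asset}", "layer": layer,
            "priority": business_rank(f), "validated_by": "security-specialist"}


SAMPLE = [  # constructed scanner output after specialist review
    Finding("10.0.9.14", "open-admin-port", validated=True),
    Finding("pay-api.example.test", "sqli", validated=True),
    Finding("www.example.test", "xss", validated=False),            # not yet reviewed: held back
    Finding("hr.example.test", "tls-weak-cipher", validated=True, false_positive=True),
]
```

Running `ranked_queue(SAMPLE)` presents only two of the four findings, with the payments API issue first, which is the behaviour the three steps describe.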


Be Smart, Be Bold

If you take these Five Significant Steps to Smart VM, you can walk with a bit of swagger. For if you have now delivered to your company a proactive, continuous and business-intelligent remediation machine, and you have a resilient enterprise to show for it, your Smart VM Program entitles you to bragging rights. If you don’t have your Smart VM swagger yet, let’s talk.
