Archive for June, 2009

An Insight into Vulnerability Management

People tend to underestimate the intricacies involved in a Vulnerability Management program. The traditional approach of ‘Find them – Kill them’ tends to break down when it comes to sweeping through a plethora of servers, platforms and protocols, not to mention end-user systems.

A more effective approach has always been to plan your initial efforts, focus on your primary and secondary assets, and analyze the life cycle of the entire process.

In this article, we’ll discuss some proven methodologies known to efficiently deliver results.

Step 1. Many organizations fail to grasp the essence of VM and tend to regard it as part of the IT administrator’s responsibilities. This may be true for smaller organizations (read: very small), but any larger organization must have a dedicated team solely responsible for hunting down and patching vulnerabilities.

Step 2. Create an index of all IT assets currently owned by the organization, specifically highlighting systems connected to IP networks. This database will act as your ‘Evaluation Base Line’ that will indicate the patching status of your entire inventory.

Step 3. Vulnerability management is an ongoing process. New vulnerabilities emerge every instant and require continuous monitoring. Similarly, a change in configuration might make a relatively secure system prone to attacks.

Step 4. Prioritize patch implementations when it comes to choosing between ease of accessibility and security. Every system can be hardened to become virtually impenetrable, but at the cost of user friendliness.

Step 5. Simulate post-patch scenarios in advance. New patches can sometimes cause unexpected changes in systems, such as conflicts with the system registry and occasional incompatibility issues.

Step 6. Create a database of all patches. Since computers at an organization are perpetually being changed, formatted or simply restored, an archive of all patches helps you quickly patch vulnerable systems without having to search through patch releases for individual software all over again.

Step 7. Automate! Integrate easily available patching solutions or updating utilities at your organization to reduce manual overhead.

Step 8. Never assume. Assumptions in security have taught many professionals expensive lessons. A system isn’t safe unless it has withstood an attack. Make a habit of frequently simulating attack scenarios on systems likely to face rogue traffic; you’ll be surprised at your findings!
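
As an added illustration (not part of the original article), the asset baseline from Step 2 and the patch archive from Step 6 can be kept in one small database and queried for missing patches, primary assets first. All host names, patch IDs, file paths and table names below are constructed for the example.

```python
import sqlite3

# Constructed sample data; every name and ID here is hypothetical.
ASSETS = [("db01", "10.0.0.5", 1), ("web01", "10.0.0.10", 1),
          ("hr-laptop-7", "10.0.3.27", 2)]   # (host, ip, tier) 1=primary, 2=secondary
INSTALLED = [("db01", "postgres"), ("web01", "httpd"),
             ("web01", "openssl"), ("hr-laptop-7", "openssl")]  # (host, software)
PATCH_ARCHIVE = [("P-001", "openssl", "archive/openssl-P-001.bin"),
                 ("P-002", "httpd", "archive/httpd-P-002.bin"),
                 ("P-003", "postgres", "archive/postgres-P-003.bin")]
APPLIED = [("web01", "P-002"), ("db01", "P-003")]  # (host, patch_id)

def build_baseline():
    """Load the asset index (Step 2) and patch archive (Step 6) into SQLite."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE asset(host TEXT PRIMARY KEY, ip TEXT, tier INTEGER);
        CREATE TABLE installed(host TEXT, software TEXT);
        CREATE TABLE patch(patch_id TEXT PRIMARY KEY, software TEXT, file TEXT);
        CREATE TABLE applied(host TEXT, patch_id TEXT);
    """)
    db.executemany("INSERT INTO asset VALUES (?,?,?)", ASSETS)
    db.executemany("INSERT INTO installed VALUES (?,?)", INSTALLED)
    db.executemany("INSERT INTO patch VALUES (?,?,?)", PATCH_ARCHIVE)
    db.executemany("INSERT INTO applied VALUES (?,?)", APPLIED)
    return db

def record_rebuild(db, host):
    """A reformatted or restored machine loses its patches: clear its records."""
    db.execute("DELETE FROM applied WHERE host = ?", (host,))

def missing_patches(db):
    """Archived patches that match installed software but are not applied,
    ordered so primary assets come before secondary ones."""
    return db.execute("""
        SELECT a.tier, a.host, p.patch_id, p.file
        FROM asset a
        JOIN installed i ON i.host = a.host
        JOIN patch p ON p.software = i.software
        LEFT JOIN applied ap ON ap.host = a.host AND ap.patch_id = p.patch_id
        WHERE ap.patch_id IS NULL
        ORDER BY a.tier, a.host, p.patch_id
    """).fetchall()

if __name__ == "__main__":
    db = build_baseline()
    record_rebuild(db, "db01")  # db01 was restored from a clean image
    for tier, host, patch_id, path in missing_patches(db):
        print(f"tier {tier}  {host:12} needs {patch_id}  ({path})")
```

Because each missing patch comes back with its archived file path, a rebuilt machine can be brought back to baseline without searching vendor releases again.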


Copyright © Rewterz. All rights reserved.