ML:3 is base camp, and getting here means you have reached a level that others have only dreamed about. At this level, the VM program is very good, and your visibility into threats to the environment is much better than it has ever been.Prioritizing Asset AssessmentThe biggest change at this level is the focus on the breadth of assessment going on in the organization. The goal at this point is to increase the coverage of assessed assets at least monthly. While it would be great to assess everything, it is not always practical, so the priority of the asset will determine the cadence.For example,External facing Critical Assets – If compromised, will stop the business – assessed at least once every dayNon-external facing Critical Assets – if compromised, will stop the business – assessed at least every three daysImportant Assets – if compromised, would cause an outage in the business – assessed at least every five daysStandard Assets – these are the assets that generally have one user, e.g. workstations and laptops. – assessed at least every 10 daysLow Priority Assets – these are assets like would cause a nuance if compromised, e.g printers.The cadence of patches can also play a role in these assessment times, as mentioned in the last blog.Asset Assessment CategoriesWith this increased coverage, a variety of assessment technologies are used to cover the organization. Scanning is generally broken down into three categories. The category to use depends on the assets in scope.External assessments or remote checks – These assess the vulnerability of a system without logging into the system. This style of checks will send packets to the target and determine vulnerability status based on the reply from the target.Internal assessments or local checks – These use credentials ..
Support the originator by clicking the read the rest link below.
