Summary
Knowing where your assets are and if they are vulnerable is only the first stage
Prioritization involves a lot more than considering the severity score of a vulnerability
Intelligent automation accounts for your unique environment and saves time
Knowing what assets you have and if they are vulnerable is a great start
There are several challenges in building a valuable vulnerability management program. Understanding where and what your assets are via discovery and performing vulnerability detection scans is the first big step. Tools that automatically search your network and probe systems and web applications for vulnerability detection are a must. In today’s highly dynamic hybrid and multi-cloud environments, systems can be installed in an instant, while legacy systems may be quietly churning away, overshadowed by the demands of new projects. Overlooking assets will ultimately lead to an increased risk profile of your organization.
Automated asset discovery coupled with vulnerability detection is the straightforward first step of vulnerability managment.
Vulnerability Prioritization is a problem
Lists of assets and vulnerabilities are a good start. But given the sheer number of security vulnerabilities, these lists raise an important question: Now what? For many, the answer is mitigation. This includes applying patches from vendors, creating and deploying fixes for in-house software and web applications, adjusting network and permissions controls, and myriad other activities. This raises another question: Which of these should I do first?
Vulnerability prioritization involves considering some basic factors:
The likelihood that the vulnerability will be exploited
If it is exploited, the level of impact it will have on the business
Traditional approaches heavily rely on the severity score of the security vulnerability for prioritization. The pr ..
Support the originator by clicking the read the rest link below.
