Effective Vulnerability Management - expert source
May 2017 by Mark McArdle, CTO, eSentire
According to cyber security company eSentire, vulnerabilities like those that made the WannaCry outbreak possible can be proactively addressed with an effective Vulnerability Management Program. Mark McArdle, CTO at the company, says, “Every Vulnerability Program is driven by data gathered from Continuous Vulnerability Scanning, used to identify, inventory, and prioritize remediation actions around the highest risk vulnerabilities affecting the most critical technology assets.”
Below are some quick tips on what a Vulnerability Management Program should include:
• Vulnerability Scanning
  o Always scan in authenticated mode if possible/feasible.
  o Use the same dedicated account to perform scan activity.
  o Scan monthly at a minimum.
• Vulnerability Management
  o Align scan data with your IT asset inventory to prioritize remediation on your most critical systems.
  o Develop risk ratings based on the stated level of risk provided by vulnerability scan reporting compared to the criticality/sensitivity of associated systems.
• Patch Management (Remediation)
  o Patch often proactively; always apply security updates.
  o Subscribe to vendor press or news releases around patching and vulnerability reporting.
  o Based on the risk ratings developed in your Vulnerability Management Program, patch the highest risk vulnerabilities first.
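The Vulnerability Management and Patch Management steps above (join scan findings to the asset inventory, rate risk as scanner severity against asset criticality, patch the highest rated first) as an added, self-contained example; it is not eSentire's code or any scanner's output. The findings, hosts, vulnerability identifiers, severity weights and the 1-4 criticality scale are all constructed assumptions.

```python
# Constructed sample scanner findings (vulnerability ids are placeholders, not real CVEs).
SCAN_FINDINGS = [
    {"host": "fileserver01", "vuln_id": "PLACEHOLDER-001", "scanner_severity": "High"},
    {"host": "web01",        "vuln_id": "PLACEHOLDER-002", "scanner_severity": "Critical"},
    {"host": "kiosk07",      "vuln_id": "PLACEHOLDER-003", "scanner_severity": "Critical"},
    {"host": "lab-vm22",     "vuln_id": "PLACEHOLDER-004", "scanner_severity": "Medium"},
    {"host": "fileserver01", "vuln_id": "PLACEHOLDER-005", "scanner_severity": "Low"},
]

# Constructed IT asset inventory; criticality is a business rating (1 = low, 4 = critical)
# that the scanner cannot know on its own. lab-vm22 is deliberately missing.
ASSET_INVENTORY = {
    "fileserver01": {"criticality": 4, "owner": "infrastructure"},
    "web01":        {"criticality": 3, "owner": "web team"},
    "kiosk07":      {"criticality": 1, "owner": "facilities"},
}

# Assumed weights for the scanner's stated severity levels.
SEVERITY_WEIGHT = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1}


def risk_rating(scanner_severity: str, criticality: int) -> int:
    """Risk rating = scanner's stated severity weighted by the asset's criticality."""
    return SEVERITY_WEIGHT[scanner_severity] * criticality


def prioritize(findings, inventory):
    """Join findings to the inventory and return (ordered remediation list, unknown hosts).

    Hosts absent from the inventory cannot be rated and are returned separately so the
    inventory can be reconciled rather than the finding silently dropped.
    """
    rated, unknown = [], set()
    for finding in findings:
        asset = inventory.get(finding["host"])
        if asset is None:
            unknown.add(finding["host"])
            continue
        rated.append({
            **finding,
            "criticality": asset["criticality"],
            "owner": asset["owner"],
            "risk": risk_rating(finding["scanner_severity"], asset["criticality"]),
        })
    # Highest risk first; ties broken by raw severity, then by id for a stable order.
    rated.sort(key=lambda r: (-r["risk"], -SEVERITY_WEIGHT[r["scanner_severity"]], r["vuln_id"]))
    return rated, sorted(unknown)
```

Note that the Critical finding on the low-criticality kiosk ranks below the High finding on the file server, which is the point of weighting scanner severity by asset criticality.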