Prioritization to Prediction: Getting Real About Remediation.

The gallery

Most vulnerability scanners will also attempt to log in to systems using default or other credentials in order to build a more detailed picture of the system.

After building up an inventory, the vulnerability scanner checks each item in the inventory against one or more databases of known vulnerabilities to see if any items are subject to any of these vulnerabilities.

The result of a vulnerability scan is a list of all the systems found and identified on the network, highlighting any that have known vulnerabilities that may need attention.

Vulnerability Remediation: 5 Steps Toward Building an Effective Process

1) Implement a threat monitoring process that will allow your security team to constantly gather information about the newest or emerging threats that may affect your organization

It is imperative that your security team stay current on these threats. They do this by reviewing vender notifications of threats, patches and system updates as well as getting information from US CERT, which is always kept up to date with the latest information. Any threats the team uncover need to be addressed by vulnerability remediation management.

2) Conduct regular vulnerability assessments

This is not something you do once and forget. Assessment is a continuous process because the assessment is only a point in time snapshot of your situation and can change as new vulnerabilities are discovered. Therefore, you must ensure that you establish a formal program with defined roles and responsibilities that focus on developing and maintaining good vulnerability processes and procedures.

3) Establish and enforce baseline configurations

Standardize the configuration of similar technology assets within your organization based on documented configurations in accordance with applicable policies. Your security team must ensure that they document all baseline configurations within your environment and also ensure that these documents are kept up to date and are integrated as part of your system build process and is enforced throughout your organization.

4) Remediate vulnerabilities

This is the practice of evaluating the vulnerabilities you have identified, assigning risk to those vulnerabilities, planning responses to the vulnerabilities and then tracking any actions taken towards mitigating the vulnerabilities you find. Discovering faults and doing nothing about them is useless and will leave your organization susceptible to many threats.

5) Patch vulnerabilities

Vulnerability and patch management is best conducted in the following manner:

• First you must have processes in place to identify and confirm vulnerabilities using appropriate tools and services that will help you identify suspected or confirmed threat to your organization.
• Next you analyze your finding in order to thoroughly understand what the risks are. Without a true understanding, how can you put the correct measure in place to deal with them.
• After you perform your analysis, you fix the problems.
• Once your “fix” is in place, you must rescan or retest to first ensure your fix took and then to ensure that it was effective.

By following these recommendations I have provided you here, you are well on your way to securing your organization again vulnerabilities and threats that can cause serious harm if not checked.