Vulnerability Intelligence & 3 rd party patch management

Transcription

1 Vulnerability Intelligence & 3 rd party patch management Presented By: William Hamilton Melby

2 Company Overview Brief Secunia facts Established: 2002 HQ: Copenhagen, Denmark Regional office: Minneapolis, USA Ongoing collaboration with leading industry organizations Trusted advisor to thousands of organizations, including CERTS and ISACs, the White House, NATO, NIST, NERC and Mitre. Endorsements and ongoing collaboration: Industry experts consistently recognize Secunia s product innovation and commitment to eliminating vulnerabilities. 2

3 Market Focus The three pillars of our success Vulnerability Intelligence, Vulnerability Management and Patch Management for global enterprises, SMBs and private users Worldrenowned 1 Vulnerability Intelligence Award-winning 2 Vulnerability Management Best-in-Class 3 Patch Management 3

4 Microsoft Alliance Partner Ongoing collaboration and solutions integration Because patching non-microsoft programs is essential to corporate security Secunia is the first Vulnerability Security Alliance Partner of the Microsoft Technology Center Program. Our solutions integrate with Microsoft System Center 2012 and Microsoft WSUS. We are also a member of Microsoft s System Center Alliance Program. 4

5 Microsoft Alliance Partner Ongoing collaboration and solutions integration With System Center 2012 Configuration Manager, our customers can empower employee productivity on a wide range of devices while maintaining compliance and working to protect company data. With Secunia CSI and System Center 2012 Configuration Manager, our joint customers can streamline patch management processes and protect both Microsoft and non-microsoft applications from vulnerabilities. - Andrew Conway, Director Product Marketing, Microsoft 5

6 Research Team The heart and soul of Secunia; the eyes and ears of the industry One of the largest Vulnerability Intelligence databases on the market Database contains vulnerabilities in software products since ,213+ programs, applications and plug-ins from thousands of software vendors. Fully CVE compliant. Data is tested and verified by Secunia s researchers. The database is unique to Secunia and is Secunia s own IP. 6

7 7

8 The Highlights Secunia Vulnerability Review

9 Vendor Update Top 50 Software Portfolio Non-Microsoft (Third-party) Programs Microsoft Products Operating Systems Microsoft programs (including Windows 7) account for 66% of the products in the Top 50, but were only responsible for 24% of the vulnerabilities. Source: Secunia Vulnerability Review Secunia Presentation 9

10 Time to Patch Patch availability on Day 1 increasing (Top 50 software portfolio) 84% of vulnerabilities had patches available on the day of disclosure. You can patch most vulnerabilities the trick is knowing what to patch. In 2011, the number was 72%. Source: Secunia Vulnerability Review

11 Why Are Vulnerabilities Important? They are the attack vector you should never ignore Through 2015, 80% of successful attacks will exploit well-known vulnerabilities and be detectable via security monitoring. - Gartner Source: Adapting Vulnerability Management to Advanced Threats. Gartner. April

12 The Root Cause of Security Issues In other words: an Access All Areas pass for cybercriminals Vulnerabilities in software are used routinely by cybercriminals as gateways to exploit corporate networks. (1) 60% of attacks in 2012 were performed by commercialized exploit toolkits, sold in the underground, allowing anyone to become a cybercriminal. (2) Over 65% of the top threats in Q used vulnerabilities to infect machines and perform malicious activities. (2) Sources: (1) AVG Community Powered Threat Report. Q AVG (2) Russian Underground 101. Research Paper. Trend Micro Incorporated

13 What You Are up Against Continual threats on the horizon Writing malicious code is no rocket science: In 2012 a 11-year-old child developed a Trojan to steal account login information from online gamers. Source: AVG Community Powered Threat Report. Q AVG 13

14 What You Are up Against Continual threats on the horizon (In 2012) There were a surprising number of major incidents involving the Conficker worm, despite a patch being available since Source: Information Security Breaches Survey Technical Report. PwC 14

15 The Concept of Complete Patch Management 15

16 Introduction to the Secunia CSI Combining scanning and patching to meet the requirements of both IT security and operations It s not enough to detect the vulnerabilities if you can t patch them. It s not enough to have the patches, if you don t know where to apply them. Secunia CSI gives you the when, the where, the what and the how: This combination of vulnerability intelligence, vulnerability scanning, patch creation and patch deployment is unique in the industry. 16

17 Value Proposition Our foundation stone for the proactive detection and remediation of vulnerabilities INTEGRATION 17

18 CSI Key Takeaways What s in it for you? Management Comply with regulatory standards (e.g. PCI-DSS or NERC- CIP) regarding the patching of programs. Utilize your existing infrastructure to enforce security levels, i.e. Microsoft System Center Enable policy enforcement and document your compliance efforts in the case of a breach. Operations An overview of the security state of all programs installed across endpoints and servers for effective prioritization of patching efforts. Cross-platform scanning and patching of non-microsoft programs. Automatic package creation, plus access to out-of-the-box packages. Security Pinpoint the exact vulnerabilities affecting your network and verify security levels (Microsoft, third-party and custom programs). Audit, enforce and document patching levels based on indepth intelligence. Secure your off-site assets. 18

19 What Best Practice Patch Management Offers The wisdom and agility to tackle oncoming threats and a strengthened security posture Automatic identification of vulnerabilities in networks across endpoints and servers, grouped according to threat criticality. Streamlined patching efforts according to risk exposure, mitigation and compliance standards. Optimized workflow and remediation process through integration with patch deployment tools and automatic patch repackaging. A complete, real-time overview of installation and the security state of all installed programs (both Microsoft and non-microsoft). Multi-platform approach: Windows, Mac OS and Red Hat Linux are all catered for. Simplified patching of non-microsoft programs through existing patch deployment tools (Microsoft System Center 2012, WSUS, Altiris). Off-site assets secured by managing threats from endpoints not under the direct control of your corporate network 19

20 How We Compare 20

21 How We Compare to Other Vendors Market leadership: Clear differentiation Best-in-class solution for medium-sized organizations and enterprises Company Vulnerability Assessment Vulnerability Scanning Patch Management Observations Vulnerability coverage: +48k Programs covered: +25k Patch library: +350 Complete patch management solution: (VI+VS+PC+PD=PM) In-house research team (verified intelligence) Largest coverage of third-party programs Non-intrusive scanning technology A comparative sample of typical vendors Typical Patch Management vendor x x Patch Manager integration restricted to Microsoft System Center/WSUS Coverage of third-party programs: vendors only No in-house research team No scanning capabilities reliance on information released by vendors, therefore offering limited accuracy Offers only pre-packaged updates, which might result in incompatibility with IT environments and unsuitability to more complex network structures Cumbersome installation not designed for enterprises and scalability requires additional resources Typical Vulnerability Management vendor x Probe-based scanning only. Low Windows thirdparty detection coverage No patching capability; only remediation advice and management features are provided High technical knowhow required for deployment and utilization very intrusive 21

22 Q&A Stay Secure Secunia Mikado House, Rued Langgaards Vej 8, 4th floor DK-2300 Copenhagen S Denmark Phone: Fax: Secunia Inc. Lake Calhoun Business Center, Suite Excelsior Boulevard Minneapolis, MN USA Phone: Fax: