SOLUTION BRIEF
Adding Real-World Exposure Awareness to Vulnerability and Risk Management
Optimizing Network Vulnerability Management Using RedSeal
November 2011
WHITE PAPER
RedSeal Networks, Inc. 3965 Freedom Circle, Suite 800, Santa Clara, 95054 Tel (408) 641-2200 Toll Free (888) 845-8169 www.redsealnetworks.com
Contents
Executive Summary
Blind Faith: Relying on Today's Under-Informed Vulnerability Remediation Approach
The Shortcomings of Traditional Vulnerability Management Practices
Adding Network Access Awareness to Vulnerability Assessment
The Solution: RedSeal Proactive Security Intelligence
Conclusions
Executive Summary:

This solution brief examines how organizations can sharply improve the effectiveness of vulnerability management by adding detailed visibility into network access and risk, so that remediation is driven by real-world exposure. In addition to highlighting the inefficiency of vulnerability prioritization methods that fail to account for mitigation by network defenses, the paper documents the specific manner in which RedSeal's proactive security intelligence solutions allow organizations to rank vulnerabilities by their exposure to threat sources and their relation to business-critical assets. By adding contextual awareness of network protection to vulnerability scoring and driving remediation from proven risk, RedSeal transforms vulnerability management from a costly guessing game of plugging holes into a strategic process that reduces attack surface and optimizes resource allocation.

Blind Faith: Relying on Today's Under-Informed Vulnerability Remediation Approach

While the dawn of the vulnerability management era was hailed as the end of reactive IT security, most organizations' reliance on risk scoring methodologies that lack awareness of mitigating conditions and network exposure has failed to deliver on that promise. Proactively identifying and remediating vulnerabilities before they can be exploited is a tremendous step forward compared to the traditional react-and-respond mindset, but a shortfall of contextual information about direct and indirect network exposure has severely limited the payoff of vulnerability management.

In addition to generating false positives that encourage remediation teams to focus on vulnerabilities that have already been mitigated by network controls, the way most vulnerability assessment tools rank the issues they find, using industry severity ratings such as the Common Vulnerability Scoring System (CVSS), fails to account for the most significant factor in measuring risk: whether the vulnerable hosts are actually exposed to threat sources or protected by layered defenses. According to Gartner's January 2011 report "Understanding Vulnerability Management Life Cycle Functions", scanning programs that focus only on simple assessment of the flaws themselves are weak precisely because they pay no attention to the vulnerabilities' surroundings. Knowing you have a problem, and what type of vulnerability it is, provides critical intelligence to security strategists, but without further intelligence about the likelihood of exploitation by attackers, Gartner observes, organizations end up with an approach that is not optimized for mitigation. To better prioritize patching and remediation, make the most of ongoing scanning, and keep efforts focused on protecting each organization's critical assets, today's enterprises must widen the scope of vulnerability management beyond basic scanning to include correlation of network access and security controls with vulnerability findings.

The Shortcomings of Traditional Vulnerability Management Practices

As noted in the 2010 Dark Reading feature "The Truth About Vulnerability Scanners", enterprises relying on traditional network assessment tools alone are likely maintaining a false sense of protection. No security expert would argue that proactively seeking out existing network vulnerabilities in order to address them is faulty logic, but most scanning tools are, as Dark Reading reports, limited in identifying the complex avenues an attacker could take to compromise your network.
In addition to lacking the ability to see where flaws are exposed to network access, most vulnerability assessment tools produce such a massive volume of results that it is extremely difficult for staff to analyze the information and prioritize remediation effectively. In its 2010 white paper "Data-centric Vulnerability Management", security services giant Verizon Business points out that, beyond the overwhelming number of results, scanners typically flag too many issues as high or critical, making it hard to decide how to handle so many. Network vulnerability assessments are valuable in reducing risk, but it has become obvious that traditional methods also bear significant shortcomings, including:

- Inability to provide insight into whether the issues discovered are truly exposed to external networks or have been mitigated by layered defenses.
- A lack of information about whether, or how, any vulnerabilities might be connected to other vulnerabilities and so allow advanced attacks via pivoting.
- Generation of so many results that efficient analysis is prevented, delaying resolution and wasting available resources.

To address this problem, organizations must expand vulnerability management beyond scanning to gain visibility into highly relevant factors such as the current state of network protection and the value of the underlying host to the business. By overlaying intelligence about these conditions on vulnerability scan data, organizations can immediately optimize response and drive more effective remediation.

RedSeal provides an interactive network security visualization for browsing the analysis results and identifying vulnerabilities that are exposed to various parts of the network, both internal and external. This screen shot shows that a single subnet is exposed to both Internet connections and, if exploited, could be used to launch additional attacks deeper in the network (a pivot attack).

Adding Network Access Awareness to Vulnerability Assessment

To ensure that vulnerability management is targeted at discovering and remediating the organization's most pressing security issues, today's enterprises require more inclusive processes that provide added network context and visibility. By adding this information to their scanning processes, organizations can prioritize their efforts far more effectively and ensure that they are patching the problems that actually represent real-world exposures. In its "Techniques for Security Risk Analysis of Enterprise Networks", the National Institute of Standards and Technology (NIST) contends that to accurately assess the security of networked systems one must understand how vulnerabilities can be combined to stage an attack. Using solutions that analyze all access permitted across the entire network and understand the valuation of underlying assets based on their importance to the specific organization, enterprises can greatly advance the overall effectiveness of their vulnerability management efforts, with benefits including:

- The ability to identify precisely those vulnerabilities that represent significant risk of exploitation based on their exposure to threat sources such as the Internet and other external networks.
- Faster interpretation of vulnerability scan results, giving security teams more time for further investigation or patching of problems.
- Validation that the coverage of existing scanning initiatives is sufficient to identify any potentially high-risk vulnerabilities.

As noted by Verizon Business in its "Data-centric Vulnerability Management" report, knowing where to start and focus remediation efforts isn't easy, and scarce resources may be misallocated to fixing lower-impact vulnerabilities, ultimately leaving the most critical data still vulnerable to a breach. By evolving vulnerability management from basic scanning to continuous assessment of risk based on a confluence of critical factors, from network access to the interrelation of vulnerabilities, practitioners can isolate their most dangerous problems and derive a greater return from related investments.

RedSeal's Security Performance Reporting engine provides out-of-the-box vulnerability metrics and the ability to define custom metrics.
This screen shot shows four metrics: vulnerable hosts that are directly exposed, vulnerable hosts that are indirectly exposed, vulnerable hosts that are protected by security controls, and vulnerable hosts that are directly exposed and could be used as a pivot to launch additional attacks.
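The exposure-aware ranking and the four host metrics described above can be reproduced on a small network model. The following Python is an added example written for this page, not RedSeal's code or data: the hosts and their asset values, the firewall rules (modelled as allowed source/destination/port triples), the threat source name and the scanner findings (placeholder VULN-* identifiers with CVSS base scores) are all constructed here. A host is treated as compromisable when a rule allows an attacker at the threat source, or at an already compromisable host, to reach a port on which the scanner reported a vulnerability; each finding is then classified as direct, indirect (reachable only by pivoting) or protected, and findings are ranked by exposure, value at risk and CVSS rather than by CVSS alone. A finding is only "protected" relative to the access model supplied, so a missing device configuration or a gap in scan coverage becomes a false negative here exactly as it would in a real deployment.

```python
"""Exposure-aware vulnerability ranking over a constructed network model.

Added example for this page, not RedSeal's code. Every host, rule and finding
below is constructed, and the VULN-* identifiers are placeholders, not real CVEs.
"""

THREAT_SOURCE = "internet"

# Constructed business value per host (higher = more critical), set by the asset owner.
HOSTS = {"web1": 3, "app1": 5, "db1": 10, "hr1": 7}

# Constructed access model: (source, destination, port) triples the firewalls permit.
# Only "internet" is treated as a threat source here; "corp-vpn" is not.
ACCESS = {
    ("internet", "web1", 443),
    ("web1", "app1", 8080),
    ("app1", "db1", 5432),
    ("corp-vpn", "hr1", 3389),
}

# Constructed scanner findings with CVSS base scores.
VULNS = [
    {"id": "VULN-A", "host": "web1", "port": 443,  "cvss": 7.5},
    {"id": "VULN-B", "host": "app1", "port": 8080, "cvss": 9.8},
    {"id": "VULN-C", "host": "db1",  "port": 5432, "cvss": 9.0},
    {"id": "VULN-D", "host": "hr1",  "port": 3389, "cvss": 9.8},
    {"id": "VULN-E", "host": "db1",  "port": 22,   "cvss": 8.0},  # no rule reaches 22/tcp on db1
]


def vulnerable_ports(vulns):
    """host -> set of ports on which the scanner reported a vulnerability."""
    vp = {}
    for v in vulns:
        vp.setdefault(v["host"], set()).add(v["port"])
    return vp


def reach(start, access, vp):
    """Breadth-first search over hosts an attacker standing at `start` can compromise.
    A hop src -> dst needs an allowed rule (src, dst, port) AND a vulnerability on dst
    at that port. Returns {host: hops}; hops > 1 means reachable only by pivoting."""
    hops, frontier, distance = {}, [start], 0
    while frontier:
        distance += 1
        nxt = []
        for src in frontier:
            for s, dst, port in access:
                if s == src and dst != start and dst not in hops and port in vp.get(dst, ()):
                    hops[dst] = distance
                    nxt.append(dst)
        frontier = nxt
    return hops


def classify(hosts, access, vulns, threat_source=THREAT_SOURCE):
    """Annotate each finding with exposure class, pivot potential and value at risk,
    then rank: exposed before protected, higher value at risk first, CVSS last."""
    vp = vulnerable_ports(vulns)
    compromisable = reach(threat_source, access, vp)   # hosts the attacker can own
    rows = []
    for v in vulns:
        h, p = v["host"], v["port"]
        if (threat_source, h, p) in access:
            exposure = "direct"
        elif any((c, h, p) in access for c in compromisable):
            exposure = "indirect"
        else:
            exposure = "protected"   # only as true as the access model supplied
        downstream = reach(h, access, vp)               # what a foothold on h leads to
        rows.append({**v, "exposure": exposure,
                     "pivot": exposure == "direct" and bool(downstream),
                     "value_at_risk": hosts[h] + sum(hosts[x] for x in downstream)})
    order = {"direct": 0, "indirect": 1, "protected": 2}
    rows.sort(key=lambda r: (order[r["exposure"]], -r["value_at_risk"], -r["cvss"]))
    return rows


def rank_by_cvss(vulns):
    """The severity-only ordering most scanners produce, for comparison."""
    return sorted(vulns, key=lambda v: -v["cvss"])


def exposure_metrics(rows):
    """Host-level sets matching the four metrics in the screen shot. A host takes the
    class of its most exposed finding; a pivot host is directly exposed and can reach
    further vulnerable hosts."""
    direct = {r["host"] for r in rows if r["exposure"] == "direct"}
    indirect = {r["host"] for r in rows if r["exposure"] == "indirect"} - direct
    protected = {r["host"] for r in rows} - direct - indirect
    return {"directly_exposed": direct, "indirectly_exposed": indirect,
            "protected": protected, "pivot_hosts": {r["host"] for r in rows if r["pivot"]}}


if __name__ == "__main__":
    ranked = classify(HOSTS, ACCESS, VULNS)
    print("CVSS-only order:     ", [v["id"] for v in rank_by_cvss(VULNS)])
    print("Exposure-aware order:", [(r["id"], r["exposure"], r["value_at_risk"]) for r in ranked])
    print("Metrics:", exposure_metrics(ranked))
```

Running the block prints the CVSS-only order, with the two 9.8 findings (VULN-B on app1 and VULN-D on hr1) on top, against the exposure-aware order, in which the Internet-facing 7.5 on web1 moves to the head of the queue because it is the entry point to a chain that ends at the database, and the 9.8 on hr1, reachable only from the VPN, drops to the bottom. The 8.0 on db1's SSH port stays protected because no rule in the model permits that port at all, which is exactly the kind of finding a severity-only queue would spend a patch window on.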
The Solution: RedSeal Proactive Security Intelligence

RedSeal's proactive security intelligence solutions are the only products on the market today that provide organizations with the specific information they need to stop wasting costly resources and gain the visibility necessary to guide remediation most effectively. With RedSeal, organizations can understand how layers of network security devices shield certain vulnerabilities from exploitation, and isolate those problems that may appear unimportant but actually represent pressing real-world exposures. RedSeal provides security management with the contextual awareness of network access, vulnerability proximity and relation to critical hosts needed to optimize existing assessment and remediation initiatives, in order to:

- Proactively identify those vulnerabilities that can be reached from threat sources, to isolate exposure to attacks.
- Determine how effectively defenses have been aligned to prevent pivot attacks from advancing across networked infrastructure by exploiting additional vulnerabilities.
- Understand where specific critical assets are exposed to potential attack by the combination of access and vulnerability.

By using automation to deduce every point and pathway of connection across the entire network, RedSeal lets organizations focus vulnerability management on their greatest risks, improve protection of critical assets and demonstrate that maximum return is obtained from network scanning and remediation. Using RedSeal, enterprises can collect and analyze key metrics that highlight the overall performance of vulnerability assessment and remediation programs, prove ongoing diligence to external compliance auditors, and drive more efficient allocation of valuable staff and resources over time.

RedSeal provides a variety of security visualizations for analyzing vulnerability risk.
This screen shot of RedSeal's patented Risk Map visualization highlights in red the vulnerable hosts that pose the most risk to the business, based on vulnerability severity and exposure to threat sources.
8 SOLUTION BRIEF Adding Real-World Exposure Awareness to Vulnerability and Risk Management Conclusions: With the increasing complexity of everything from infrastructure itself to the sophistication of cutting-edge attacks, enterprises must identify those vulnerabilities that need to be remediated first to prevent the potential for subsequent data breaches. As noted by security industry training specialists SANS in its 20 Critical Security Controls, organizations must speed vulnerability management and remediation as any significant delays in finding or fixing dangerous vulnerabilities provides ample opportunity for persistent attackers to break through, gaining control over the vulnerable machines and getting access to the sensitive data they contain. RedSeal s proactive security intelligence solutions are the only products on the market that empower today s enterprises with the detailed visibility into available network access, vulnerability interrelation and the value of underlying business assets allowing them to advance vulnerability management and drive more efficient remediation that addresses their most dangerous real-world risks. About RedSeal: RedSeal Networks develops proactive security intelligence software that enterprise organizations depend on to visualize the effectiveness of security infrastructure, maintain continuous policy compliance and protect their most critical business assets and data. Unlike systems that measure the impact of attacks after they transpire or address individual elements of network protection, RedSeal analyzes the cumulative ability of defenses to control access and mitigate vulnerability exposure across the entire enterprise, providing the critical metrics necessary to trend performance and isolates gaps before they can be discovered by hackers. For more information on RedSeal products please visit the company s web site at www.redsealnetworks.com or contact RedSeal representatives directly at (888) 845-8169.
Copyright 2011 RedSeal Networks, Inc. All rights reserved. RedSeal and the RedSeal logo are trademarks of RedSeal Networks, Inc.