Avoiding the Top 5 Vulnerability Management Mistakes

Similar documents
WHITE PAPER. Attaining HIPAA Compliance with Retina Vulnerability Assessment Technology

SecureIIS Web Server Protection Guarding Microsoft Web Servers

Three Ways to Secure Virtual Applications

Integrated Threat & Security Management.

Simplifying the Challenges of Mobile Device Security

WHITE PAPER. Best Practices for Securing Remote and Mobile Devices

Total Protection for Compliance: Unified IT Policy Auditing

WHITE PAPER. BeyondTrust PowerBroker : Root Access Risk Control for the Enterprise

Payment Card Industry Data Security Standard

Intrusive vs. Non-Intrusive Vulnerability Scanning Technology

How To Achieve Pca Compliance With Redhat Enterprise Linux

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

WHITE PAPER. Take Back Control of Your Active Directory Auditing

eguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life

Network Security and Vulnerability Assessment Solutions

PCI Data Security Standards (DSS)

How To Protect Your Network From Attack From A Network Security Threat

Attaining HIPAA Compliance with Retina Vulnerability Assessment Technology

Sygate Secure Enterprise and Alcatel

Proven LANDesk Solutions

Vulnerability Management

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

PCI DSS Top 10 Reports March 2011

IT Security & Compliance. On Time. On Budget. On Demand.

McAfee Total Protection Reduce the Complexity of Managing Security

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Cisco Security Optimization Service

Five keys to a more secure data environment

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

Preemptive security solutions for healthcare

Privilege Gone Wild: The State of Privileged Account Management in 2015

eguide: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success

Understanding BeyondTrust Patch Management

Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES

End-user Security Analytics Strengthens Protection with ArcSight

Continuous Network Monitoring

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

McAfee Server Security

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

WHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment Adaptive Network Security...

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

THE TOP 4 CONTROLS.

How To Manage A Privileged Account Management

Scalability in Log Management

PENETRATION TESTING GUIDE. 1

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Privilege Gone Wild: The State of Privileged Account Management in 2015

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2

Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise

Technology Blueprint. Assess Your Vulnerabilities. Maintain a continuous understanding of assets and manage vulnerabilities in real time

Building a Business Case:

How To Manage Security On A Networked Computer System

Extreme Networks Security Analytics G2 Vulnerability Manager

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Trend Micro Cloud Security for Citrix CloudPlatform

1 Introduction Product Description Strengths and Challenges Copyright... 5

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions

How To Buy Nitro Security

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Managed Security Services for Data

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

Security. Security consulting and Integration: Definition and Deliverables. Introduction

WHITE PAPER. Improving Efficiency in IT Administration via Automated Policy Workflows in UNIX/Linux

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement... 2

Critical Security Controls

Information & Asset Protection with SIEM and DLP

SANS Top 20 Critical Controls for Effective Cyber Defense

PCI DSS Reporting WHITEPAPER

Data Sheet: Endpoint Security Symantec Endpoint Protection The next generation of antivirus technology from Symantec

AUTOMATING AUDITS AND ENSURING CONTINUOUS COMPLIANCE WITH ALGOSEC

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Active Network Defense: Real time Network Situational Awareness and a Single Source of Integrated, Comprehensive Network Knowledge

Enterprise Security Solutions

Nessus Agents. October 2015

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Addressing BYOD Challenges with ForeScout and Motorola Solutions

Goals. Understanding security testing

PCI Solution for Retail: Addressing Compliance and Security Best Practices

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Executive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:

Symantec Endpoint Protection

IBM Security QRadar Vulnerability Manager

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

2012 Endpoint Security Best Practices Survey

Vulnerability management lifecycle: defining vulnerability management

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series

Transcription:

WHITE PAPER Avoiding the Top 5 Vulnerability Management Mistakes The New Rules of Vulnerability Management

Table of Contents Introduction 3 We ve entered an unprecedented era 3 Mistake 1: Disjointed Vulnerability Management 3 Take a Unified Approach 3 Assessment 3 Mitigation 4 Protection 4 Mistake 2: Relying on Remote Assessment Alone 4 Close the Gaps with Remote and Local Vulnerability Assessment 4 Mistake 3: Unprotected Zero-day Vulnerabilities 5 Add a Layer of Protection 5 Mistake 4: Decentralized Visibility 5 Centralize Visibility 5 Mistake 5: Compliance at the Expense of Security 6 Create a Security Baseline and Measure Against those Standards 6 Why You Need Local Vulnerability Assessment, Too 6 About BeyondTrust 7 2 2013. BeyondTrust Software, Inc.

Introduction We ve entered an unprecedented era Vulnerability management programs make up the front lines of risk reduction for security-conscious organizations worldwide. However, despite widespread deployment of vulnerability management technologies, many security professionals still struggle to decide how best to protect their organizations, achieve compliance, and communicate risk enterprise-wide. The fact is, most vulnerability management solutions do little to help security leaders put vulnerability and risk information in the context of business. Saddled with volumes of rigid data and static reports, the security team is left to manually discern real threats and determine how to act upon them. This guide outlines the top five mistakes around vulnerability management and how to avoid them to protect critical IT assets and improve your security posture, while reducing costs. Mistake 1: Disjointed Vulnerability Management The job of protecting corporate assets would be challenging enough, even without new attack vectors being exploited through desktop applications, employee-owned devices, mobile computing, and social networks. Everyday you face new network devices, operating systems, applications, databases, web applications, plus numerous IP-enabled devices (laptops, servers, printers, etc.). These lists seem to never stop growing. Clearly, as things get more complicated, they get more difficult to manage. Many organizations take the approach of using disparate, stand-alone solutions to accomplish the key aspects of vulnerability management assessment, mitigation, and protection. However, this leaves them with a disjointed picture of security, which is not only more difficult to manage, but also more expensive. Take a Unified Approach With security budgets and resources under pressure, you need to take the most efficient approach possible, one that brings the key pieces of vulnerability management together in a single solution. The answer is Unified Vulnerability Management, which delivers a consolidated solution for assessing, mitigating, and protecting your environment, while reducing the overall cost of security and compliance. Assessment Vulnerability assessment must deliver unified configuration and vulnerability scanning across network devices, operating systems, applications, databases, and web applications using a scalable, non-intrusive approach. It s critical that vulnerability management includes configuration assessment, not just patches. Poorly set internal configurations can be as harmful as security violations from an outside source. Ideally, assessment should include unified reporting over all of these assets as well. 3 2013. BeyondTrust Software, Inc.

Mitigation You need prescriptive guidance and recommendations to effectively remediate critical vulnerabilities and strategically prioritize the rest. Make sure your solution adheres to broadly accepted standards which include integration with both SCAP and ASV (PCI) for assessment, risk scoring and reporting. In addition, look for alert and notification capabilities so you can take immediate action on critical issues. Protection You need zero-day protection in cases when a vendor has not yet created patches against vulnerabilities in their operating system or application. Your solution should also reduce risk with intrusion prevention, application control, and USB and firewire controls. Unified Vulnerability Management Security & Compliance Tactical and Executive Reporting Simple and Flexible Deployment Assessment Unified Vulnerability Assessment Extensible Compliance Support ASV (PCI) and SCAP Certified Local VA Scanning Management Centralized Management and Reporting Scalability Mitigation Remediation Reporting Integrated Zero-Day Attack Protection Security Research Protection Proactive Intrusion Prevention ActiveX (Web) Protection Application Protection System Protection Bringing assessment, mitigation, and protection together under one roof, in the form of a single solution, will ultimately save you countless hours and dollars. Mistake 2: Relying on Remote Assessment Alone Running remote vulnerability assessments works for many systems, but what about those blocked by firewalls or segregated from the network? What about mobile and offline devices? These are potential gaps that could be exploited. In most environments, not every system can be reached. Thus, they can t be updated immediately without impacting stability, introducing operating incompatibilities, disrupting business processes, or negating internal or regulatory compliance. Relying solely on remote vulnerability assessments is not enough and may, in fact, cause your organization to be exposed to threats. Close the Gaps with Remote and Local Vulnerability Assessment For truly complete security, you need remote vulnerability assessment as well as local assessment for assets that are disconnected, unmanaged, or exception systems. Using a lightweight agent is the best way to get at these types of systems. It serves to augment your remote scans and makes it easier to meet stringent regulatory compliance requirements, where local credentials and more frequent scans are required. With combined local and remote vulnerability assessment, you ll: Strengthen security posture and ease the burden of regulatory compliance with local and remote vulnerability assessment Close the security gap on assets that are disconnected, unmanaged, or exception systems Get full visibility into both remote and local vulnerabilities Lastly, you need full visibility via a single console to view the combined results of all scans to ensure complete security. 4 2013. BeyondTrust Software, Inc.

Mistake 3: Unprotected Zero-day Vulnerabilities Zero-day vulnerabilities continue to increase as attackers find new ways to penetrate your network. Clearly, you need safeguards to protect against these exploits and other complex attacks. Of course, like nearly all companies, you have anti-virus and anti-spyware in place. These signature-based technologies work well, but must be augmented with zero-day vulnerability management to protect systems when vendor-supplied patches do not yet exist for an operating system or application. Continuous zero-day vulnerability monitoring and protection is a must have in today s threat landscape. Add a Layer of Protection Augment foundational security components like anti-virus and anti-spyware with an additional layer that stops zero-day vulnerabilities. The ideal solution leverages a host-based intrusion prevention engine to dynamically collect and incorporate new threat data in real-time. With this, you can enforce policy and secure your organization from targeted email or internet attacks that could compromise your systems and data. Zero-day protection helps you: Reduce risk with intrusion prevention and zero-day protection where a vendor has not yet created patches to protect against vulnerabilities in their OS or application Improve system protection by setting policy over which applications are allowed to function and preventing modification of specific registry settings End data theft and leakage by regulating USB and firewire access, preventing transfer of sensitive or confidential data to personal storage devices Mistake 4: Decentralized Visibility Decentralized security visibility is one pitfall that trips up many organizations. Many organizations perform assessment, mitigation, and protection activities at individual locations but lack centralized management across the enterprise. Quickly identifying which assets are most at risk is imperative for the overall health of an organization. But, the challenge is finding a solution with a strong distributed architecture and the ability to provide a single point of management and visibility across the enterprise. Centralize Visibility To achieve centralized visibility, look for a fully integrated, completely web-based security console product. An easy addon to some vulnerability management solutions, this will dramatically simplify the management of distributed, complex infrastructures while providing true end-to-end protection. The key is becoming more efficient at finding, fixing, and protecting against the most urgent vulnerabilities and strategically prioritizing the rest. Look for a workflow-oriented console to make it easier to meet regulatory and security compliance requirements. Also, one that offers an asset-driven architecture will enable you to make logical groupings of assets regardless of their IP address and business function. But, you should also be able to view and prioritize risks grouped by business function or event, as well as by asset. 5 2013. BeyondTrust Software, Inc.

Mistake 5: Compliance at the Expense of Security Yes, you need to meet regulatory compliance. Many organizations place heavy focus on meeting requirements, which is certainly a wise approach. Especially for regulations such as HIPAA and PCI, audit failures (in the form of fines) are not only expensive, but potentially devastating to customer confidence. Some high-profile, highly publicized breaches serve to highlight what can happen if an organ ization takes their eye off the ball. However, a truly comprehensive security initiative requires focus not just on compliance, but also on the broader management of security and vulnerabilities. Create a Security Baseline and Measure Against those Standards Institute comprehensive, strategic security initiatives that include compliance. This can be facilitated by finding a solution that let s you easily create a security baseline and then measure against those standards. From there, you should be able to measure against internal security policy and regulatory compliance. In other words, implement a solution that gives you the tools to meet compliance regulations and then go beyond those requirements to actually improve security posture and reduce risk. Why You Need Local Vulnerability Assessment, Too Disconnected Systems With your mobile workforce, you likely have systems that are offline or disconnected from the network, which makes it almost impossible to perform an assessment or to apply a patch or update. Unmanaged Systems Some peoples roles require them to be excluded from the direct control of the IT security staff such as executives, engineers, and technical staff. Their systems connect to the network, but may be excused from updates. Can t Change the System In some cases, the systems are always on and always connected. For example, systems that perform critical business operations or highly specialized functions. Old Systems You d update these, but they may be running older versions of the operating system or business applications that can t be changed due to licensing restrictions, support requirements, or as a result of known or potential compatibility issues with the update. Exception Systems Some systems can t be changed due to external regulation. For example, those certified by the FDA to be HIPAA compliant can t be changed if they are to retain their certification status. Systems Running on Systems Virtualization technologies introduce on-demand system provisioning. With this, the number of new systems running within an organization increases dramatically. And, chances are, a large number of these remain undiscovered, unmanaged, and un-patched. 6 2013. BeyondTrust Software, Inc.

Our Focus: Providing Customers with the Best Vulnerability Management Solutions and the Highest Level of Service Since 1998, the Retina vulnerability management platform has provided customers with threat and risk information in real business context. Over 10,000 customers worldwide now employ context-aware Retina solutions to efficiently mitigate existing exposures and effectively secure against future threats. At BeyondTrust, we pledge to stay focused on providing the highest quality vulnerability management solutions available now and into the future. We regularly share our product roadmap with customers, as they wield the greatest influence on its course. And because we remain focused on vulnerability management, we are able to provide constant innovation and upgrades to keep our customers ahead of evolving threats. Customers are the common thread that drives everyone at BeyondTrust to build the best vulnerability management solutions on the market. From the first inquiry to our sales department, to interactions with our training and customer service staff, we are committed to providing dedicated, responsive and straightforward service to existing and prospective customers alike. About BeyondTrust With more than 25 years of global success, BeyondTrust is the pioneer of Privileged Identity Management (PIM) and vulnerability management solutions for dynamic IT environments. More than half of the companies listed on the Dow Jones Industrial Average rely on BeyondTrust to secure their enterprises. Customers include eight of the world s 10 largest banks, seven of the world s 10 largest aerospace and defense firms, and six of the 10 largest U.S. pharmaceutical companies, as well as renowned universities. The company is privately held, and headquartered in San Diego, California. For more information, visit beyondtrust.com. Contact Info North American Sales 1.800.234.9072 sales@beyondtrust.com EMEA Sales Tel: + 44 (0) 8704 586224 emeainfo@beyondtrust.com CONNECT WITH US Twitter: @beyondtrust Facebook.com/beyondtrust Linkedin.com/company/beyondtrust www.beyondtrust.com Corporate HeadQuarters 550 West C Street, Suite 1650 San Diego, CA 92101 1.800.234.9072 7 2013. BeyondTrust Software, Inc.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information