How to Evolve Your Vulnerability Management

 

How to evolve your vulnerability management program? One of the biggest challenges risk and security teams face is the lack of information provided by their vulnerability management platform. This isn’t a big surprise….this space has been grappling with significant problems for 20 years.

The Core Issue in Vulnerability Management Programs

At their core, most vulnerability management tools are basic scanners that provide only certain pieces of information (or guesses) about an asset and/or vulnerabilities present on a device. In addition, we all know that there aren’t enough hours in the day/week/year to use traditional risk scoring, like CVSS, alone to prioritize issues in any environment.

What Can You Do?

We’ve mapped out two easy steps to help evolve your vulnerability management program that make significant impact with minimal effort. Take a look:

 

1. Leverage Threat Intelligence

The easiest step to quickly evolve your vulnerability management program is to leverage Threat Intelligence. By simply marrying this with your already produced vulnerability scan results, you get a more refined picture of actual threats and risks to the environment.  This process has been the major efforts of vulnerability scanners like Rapid 7, Tenable, and Qualys over the past 3-5 years.

2. Add More Dimensions

Reducing the number of critical vulnerabilities to less than 1% is a good start but it is possible to do ever better. To further fine tune, we need more data.

Organizations understand that vulnerability scanning is not THE tool but rather only one of many tools needed. Problems that can affect any given business unit can be present in numerous ways – at the asset level (OS and software versions), the risk involved with in-house developed software, or even risk with network access. Businesses are trying to see everything with limited success.

To help clarify, let’s use an analogy: If you are sick and you go see the doctor, it is highly unlikely that your doctor is only going to do one test. They are going to use different diagnostic tools to establish the crosscut of your symptoms to help you get better.

The same principal applies to vulnerability management. Vulnerability scans are like an x-ray or CT scan. They can tell you certain things but not everything. For a complete, risk-based perspective, it is necessary to add other relevant data sources. You can’t fix it if you don’t understand the problem.

 

What Other Vulnerability Management Data Sources?

The challenge is finding a tool that gives your team the ability to increasingly add more layers of vulnerability data to the environment (ex. additional scan types like penetration tests, app security, missing patches, etc.)

Leverage the data you already have to dramatically improve your vulnerability management program. There are hundreds of potential data sources in an enterprise environment such as ServiceNow, SCCM, BMC Remedy, Crowdstrike, SolarWinds, Splunk, Cybereason, Palo Alto, JIRA, Active Directory, and the list goes on….

 

Byproduct = Accurate Asset Data

The end result of transforming your data with these easy steps? Accurate asset and vulnerability inventory and a prioritized list of what risks to focus on first.

Need help understanding your vulnerability management problems? NorthStar Navigator can help. Reach out today for a free assessment.