Cloud Security and Governance – Mind the Security Gap
However, with the number of patches required throughout an environment, it becomes almost impossible to know what to patch and when without an effective vulnerability prioritisation program. Further, addressing vulnerabilities requires a precise, automated and systematic approach to ensure continuous coverage within an organisation.
Ideally, an organisation should be able to address critical vulnerabilities within 24 hours. Although in the real world this is sometimes a stretch for organisations, it should be noted that organisational risk reaches moderate levels when a vulnerability remains in an environment for one week and becomes high when it remains within a critical system for a month or longer.
When considering the Vulnerability Assessment business case a number of items need to be considered.
Regardless of the underlying technology used within the environment, effective VA and Patch Management solutions combine to address two items, “Patch Applications” and “Patch Operating Systems”, within the organisation. Both are mitigation strategies in the ASD Essential Eight.
Essentially the Vulnerability Assessment determines which systems are vulnerable and the Patch Management cycle remediates these vulnerabilities.
Critical to any Vulnerability Assessment is knowing what systems are running on your network. Good VA tools and regimes use a combination of both active and passive scanning of assets across a client’s organization and should include Subnet scanning, Windows Network Scanning and Active Directory Scanning.
Vulnerability Assessment
Patching Policies
Automated Patching
Patching of vulnerabilities can be completed based upon the severity level. For instance, all vulnerabilities with a severity level of High and above can be patched, meaning all High and Critical vulnerabilities could be patched regardless of whether they are approved or not.
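The exposure-age risk levels and the severity-threshold patching policy described above can be combined into a single patch queue. The following is an added example, not code from this page or any vendor tool; the `Finding` fields, the 30-day reading of "a month", the rule that below-threshold findings wait for approval, the queue ordering and the sample findings are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

SEVERITY = {"Low": 1, "Medium": 2, "High": 3, "Critical": 4}
RISK = {"low": 0, "moderate": 1, "high": 2}

@dataclass
class Finding:
    host: str
    vuln_id: str            # constructed placeholder, not a real advisory ID
    severity: str
    critical_system: bool
    first_seen: datetime
    approved: bool = False

def exposure_risk(f, now):
    # Moderate after one week in the environment; high after a month
    # (assumed to be 30 days) on a critical system.
    age = now - f.first_seen
    if f.critical_system and age >= timedelta(days=30):
        return "high"
    return "moderate" if age >= timedelta(days=7) else "low"

def missed_24h_target(f, now):
    # Critical findings should be addressed within 24 hours.
    return f.severity == "Critical" and now - f.first_seen > timedelta(hours=24)

def auto_patch(f, threshold="High"):
    # At or above the threshold: patch regardless of approval.
    # Below it (assumption): patch only once approved.
    return SEVERITY[f.severity] >= SEVERITY[threshold] or f.approved

def patch_queue(findings, now, threshold="High"):
    # Overdue criticals first, then exposure risk, severity, oldest first.
    due = [f for f in findings if auto_patch(f, threshold)]
    return sorted(due, key=lambda f: (not missed_24h_target(f, now),
        -RISK[exposure_risk(f, now)], -SEVERITY[f.severity], f.first_seen))

NOW = datetime(2024, 6, 30, 12, 0)   # constructed scan time
FINDINGS = [                          # constructed sample findings
    Finding("web01", "VULN-A", "Critical", False, NOW - timedelta(hours=30)),
    Finding("db01", "VULN-B", "High", True, NOW - timedelta(days=45)),
    Finding("hr-laptop", "VULN-C", "Medium", False, NOW - timedelta(days=10)),
    Finding("app02", "VULN-D", "Medium", False, NOW - timedelta(days=3), True),
    Finding("file01", "VULN-E", "High", False, NOW - timedelta(days=8)),
]

if __name__ == "__main__":
    for f in patch_queue(FINDINGS, NOW):
        print(f.host, f.vuln_id, f.severity, exposure_risk(f, NOW))
```

VULN-C is left out of the queue even though its exposure risk is already moderate, which shows why a severity-only threshold should be reviewed alongside exposure age.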