Vulnerability Scanning - Tip Tuesday for NCSAM

October 18, 2016 | Javvad Malik
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

The art of detecting vulnerabilities within the enterprise environment has been around for some time. Vulnerability scanning and management technologies and methodologies have evolved (sometimes rather quietly) to meet customer demands, which are fuelled by compliance and regulatory requirements.

In simple terms, vulnerability scanning is to look for vulnerabilities within an environment.

As an example, let’s use a house. A vulnerability could be any weakness in the house that a burglar could use to break in or damage the house.

If we ran a vulnerability scan against the house, it would probably return results that would resemble something like this:

  • Bedroom window open
  • Bathroom window not locked
  • Weak garage door lock
  • Inner door unlocked
  • Open Curtains / blinds
  • Mailbox open
  • Kitchen tap dripping
  • Etc.

The list will go on for a number of pages and list out hundreds, if not thousands of vulnerabilities.

For most, addressing each and every vulnerability is not possible. So, the question is, which one of these vulnerabilities merits attention?

Context is King

Ultimately it boils down to having context around the vulnerabilities. For example, is the open window located on the ground floor where it is easier for someone to climb in, or the 10th floor, where an attacker would have to rappel down from the rooftop or a helicopter to gain entry?

External factors also play a big role. Having a weak garage door lock may not be a problem if one lives in an area of low crime, and nothing of value is stored within it. Conversely, it becomes a higher priority if the area is of high crime and one parks a desirable vehicle within it.

Balancing Risk

Ultimately, addressing vulnerabilities is a lot like managing any other identified risk. Having additional information adds necessary context needed to make the appropriate risk-based decisions. Knowing your assets, establishing acceptable baselines, and having reliable threat intelligence can all contribute to helping manage vulnerabilities.

Javvad Malik

About the Author: Javvad Malik
The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional. Better known as an active blogger, event speaker and industry commentator who is possibly best known as one of the industry’s most prolific video bloggers with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.
Read more posts from Javvad Malik ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
GET PRICE FREE TRIAL