Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What is vulnerability management? Processes and software for prioritizing threats

John Breeden II | Nov. 28, 2017
Organizations handle vulnerability management in various ways, from training and best-practice implementations to filtering out all but the most dangerous threats. Here's a look at some of today's more innovative solutions.

Crossbow is perhaps one of the most dangerous defensive programs that CSO has ever reviewed. All of the attacks that it can load or create are real, using actual techniques and tactics that have historically broken through cybersecurity defenses at many organizations. Only the payload is neutered, and even then, that part is optional. This makes Crossbow one of the most realistic tools out there for accessing, testing and managing vulnerabilities. To put it in perspective, Crossbow is much more akin to a live fire exercise in the military than a simulation, because the virtual threats Crossbow fires are real.

3. Risk Fabric

Many vulnerability management programs will direct IT teams to the critical threat on the non-critical asset, and place one that could potentially cripple your organization thousands of places down on the priority scale. It’s not the program’s fault. It just doesn’t know context. That is one of the major problems in the vulnerability management space that the Bay Dynamics Risk Fabric program is designed to solve.

It would not be an inaccurate description to call Risk Fabric a next-generation vulnerability management tool. By adding real context to raw scan results, IT teams are given a much better picture of the true risks hiding within their networks, including the potential costs if those problems are not fixed quickly. 

4. CAWS Continuous Security Validation Platform

At its core, the CAWS Continuous Security Validation Platform from NSS Labs is a testing lab dedicated to finding and fixing threats against networks. Customers who make use of the program can elect to use one of two flavors of the product — public or private — both of which could be tremendously helpful when planning defenses and trying to manage vulnerabilities.

For SMBs and organizations with smaller networks, the public instance of CAWS can be an invaluable tool for alerting IT teams about real threats with the ability to breach their defenses. But Fortune 500 type companies, financial institutions, government organizations, and those with either large networks or networks that are high value targets for attackers may want to spring for the more expensive private service, which offers a perfect mirror of the real network that it will ultimately be protecting. Highly destructive threats can be run against the mirror network and don’t have to be neutered in any way, since they are only going to ravage the test network. Having a whipping boy to take the punishment and reveal vulnerabilities — with no risk whatsoever to the actual network — is an invaluable tool for networks with high security needs.

More on vulnerability management

IDG Insider

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.