Keeping the internal and external vulnerabilities in our environment to an absolute minimum not only makes the attacker's job much harder, it also means they take longer to make progress, which increases the chances of detecting their presence through other security products that are monitoring the systems. A simple but effective way to monitor and manage vulnerabilities is to gain visibility and awareness of them through regular vulnerability scans.
Having the ability to check for and identify vulnerabilities should therefore be a key component of your security strategy.
Looking for vulnerabilities is only one part of vulnerability management, however. Manually deploying patches across your estate, and even beyond it for home workers, is a huge undertaking, so huge that it is not practical. Patch management solutions automate the deployment of patches into your environment. Having OS patch management configured and managed at an organisation level is essential and, fortunately, largely included in the OS.
Third-party patching, however, is often difficult to automate. Much of the software available today will update itself automatically, the catch being that many updates are only performed when the software is run. Applications that are not used frequently can sit there for weeks or months with a well-known vulnerability present. Vulnerability assessments are the best way to identify such problems, and running scans regularly ensures that you are managing the risk these applications can pose to your cyber security.
Solutions that can Help your Business with Vulnerability Management
A Vulnerability Assessment is an automated activity that actively scans for possible security vulnerabilities within an internal or external infrastructure (including all systems, network devices and communication equipment connected to that network) that cybercriminals could exploit.
It is conducted against infrastructure IP addresses and produces a report that identifies any issues found so that you can resolve them.
A pen test goes further and deeper. An expert pen tester (sometimes known as an ethical or white-hat hacker) will run the tests. The pen test will include a vulnerability assessment for an initial sweep of the infrastructure, but the key here is that the pen tester will use the output of the Vulnerability Assessment and combine it with their experience and skillset to penetrate further into your network.
They will perform research and reconnaissance, threat analysis and exploitation of the vulnerabilities identified to reveal the full extent of your information security and its weaknesses.
The report from a pen test will provide a detailed list of any threats or vulnerabilities found and the recommended remedial actions. Threats and vulnerabilities are ranked in order of criticality. The report will also contain an executive summary and an attack narrative which will explain the risks in business terms.
Need advice, support or more information?
At Chess, we have a dedicated team of Cyber Security specialists and are backed by our award-winning vendors with decades of experience in most deployment scenarios. If you would like to discuss your cyber security needs, please book your free consultation.