Vulnerabilities can be used to breach your security. Make sure you do not allow that.Advanced Threats, Business Security News, Cybersecurity // 08.04.2016
There are three basic types of vulnerabilities that can leave your systems open to attack: outdated software, misconfigured systems, and non-secure web applications. But by understanding and properly managing these weaknesses, you can reduce your attack surface significantly.
The risk of security breaches is higher than ever – the amount of malware has doubled each year since 2006. On average, 19 new vulnerabilities emerge every day (source: National Vulnerability Database). It’s no wonder that exploiting vulnerabilities is the most efficient way to breach a company network.
So, how do you know if or which vulnerabilities might be lurking in your systems? After all, just getting an overview of all the software versions that are running on a network can be quite a task. On top of that, you need to look for misconfigurations, non-secure passwords in each web application, and pretty much any other places where these vulnerabilities might exist. A next to impossible task if you have multiple systems, servers, and platforms to manage.
Vulnerability scanning and management is the answer.
But a one-time scan is only a quick fix and doesn’t give you a lot to work with. You have to run regular scans to stay on top of things. But then again, once you have detected a lot of vulnerabilities, it doesn’t matter that much unless you’re able to fix them. Vulnerability management is crucial to keep your critical systems secure.
So where do you start?
If you think of physical security in your office, doors and windows are the most obvious entry points. And to start improving your security, you would start by finding out how many doors and windows you have, and where they are – even all the back doors and small basement or roof windows. With software, the first step is to discover what assets you have in your system. You need to map your entire network and all its assets – the servers, desktops, routers, printers, and any other assets connected to your network at any place.
Next, in your house, you would need to know which of the doors and windows might pose a potential security risk. Maybe there’s a back door that nobody ever uses and has dropped off its hinges? Or a small window that is left slightly ajar to let in fresh air? After all, it’s up so high, who could possibly reach it? Well, someone just might. After all, where there’s a will, there’s a way… And the same goes for software – now that you have an overview of all your assets, it’s time to find all potential vulnerabilities in the network. These can be caused by configuration errors, improper patch management, erroneous implementation, or other errors.
In your house, last, but not least, you would like to know what type of locks and keys you have in your house, and whether they are secure. Maybe one of the doors has an ancient lock that can be broken easily? Or a lost key that could be anywhere? In your network, outdated software or web applications provide a key to your system. And since web applications are highly vulnerable – in fact, according to the HP 2015 Cyber Risk Report, 86% of all web applications have serious security issues – you need to scan all your web applications. You want to find and identify vulnerabilities, such as cross-site scripting and SQL injection, in custom applications.
By doing a scan, you can also identify the places that are particularly vulnerable or interesting to the hacker, which they might try to exploit with more advanced tools. All the more reason for you to put extra focus and effort on securing your systems.
So, now you know your building and you’ve spotted all the possible risks. That does you little good if you are not able to fix the issues – and keep them secure in future after you’ve done all the patching. Before long, your efforts will have been for nothing. Instead, you need to inform the caretaker of any broken windows, outdated locks and other unsafe elements. But you also need to figure out a process that guarantees consistent care of the property to keep it secure at all times. When handling your software, you also need the know-how to manage the vulnerabilities identified – are you sure this vulnerability is low-risk – or is it in fact high – and can you afford to be wrong? You need reporting tools, an overview of what, whom and when, and a way to easily create tickets for the issues found, and most probably, also an interface that includes all your other systems.
And in case you learn about a totally new zero-day vulnerability from other sources, you need to be able to add that into the system manually to include it in your future scans. Only regular scanning and management can help improve security in your systems in the long run.
Does all this sound like a lot of work?
Trust us – it is.
However, you can automate a lot of the process and focus your time and effort on the tasks that need it the most. Why not have a scanner that will take care of all the automated stuff and leaves time for you to keep your focus on where it adds more value.
Now we offer you a solution
F-Secure is launching F-Secure Radar, a vulnerability scanning and management solution that gives you time to not only look for vulnerabilities, but also to start fixing them. The solution is based on the former nSense Karhu product, which is a recognized (PCI ASV certified) European solution for vulnerability scanning and management.
And if you find that, after scanning and managing your vulnerabilities with F-Secure Radar, you still have a bit too much on your plate? Ask for Radar as a Service. Our selected partners provide F-Secure Radar as a service, as do we ourselves. Let the experts make sure you get the most out of your vulnerability scanning.