Contributor – Chris Fisher, Chief Marketing Officer at TAC Security
Which vulnerabilities really matter?
The common thread between these two events was that the attacks targeted infrastructure used in many organizations: logging and file transfer. Because these are ubiquitous and not seen as “high risk” like a customer data asset might be, organizations could be tempted to overlook them when it comes to vulnerability management.
What do hackers want?
I’ll never forget a cartoon one of my security engineers always used in his presentations. It showed two would-be thieves pondering how to steal info from a laptop. One proposed an elaborate coding scheme to break the encryption; the other said, “Let’s just force the owner into giving us his password.”
Hackers want the easiest way in, and they are more vigilant than security teams when it comes to reviewing public information about exploitable vulnerabilities. This means security teams need to include all of these in their scope and filter out the ones that wouldn’t be attractive to hackers.
Where to look
If there is a lesson to learn from the recent breaches, it is that the entire IT stack must be considered when reviewing vulnerabilities – for both infrastructure and applications. Scanning everything to collect all the vulnerability data can be overwhelming based on asset volume alone. But limiting the scope could mean you miss something like the recently exploited FTA software zero-day vulnerability.
How to prioritize?
With thousands of assets and millions of known vulnerabilities, you and your IT partners can’t patch everything. Comprehensive visibility and intelligent prioritization are required to identify and fix what matters most to reduce risk and improve security posture.
This is where a vulnerability and risk management platform like ESOF is needed. ESOF is the industry’s most comprehensive platform for collecting vulnerability data across the IT stack. We use machine learning to augment VA data with insights from areas like SIEM, CMDB and threat intelligence, producing a cyber risk score for every asset so you can partner with IT to fix the ones that matter most.