Vulnerability Management in Your Organization

Vulnerabilities in software and hardware are weaknesses that, when exploited, can lead to data loss or ransom demands. Here is how to manage them in your organization – from CVSS scoring to the Kenna Security Platform.

What is a vulnerability and why is it dangerous?

A vulnerability is defined as a weakness in the operational logic of software or hardware which, when exploited, leads to a breach of the confidentiality, integrity or availability of a system. Examples include firewall vulnerabilities that allow access to the company network, or vulnerabilities in other network devices, operating systems and applications that make it possible to take control of them. The negative consequences of such attacks can include the loss of company data, its public disclosure or a ransom demand.

How to counter vulnerabilities in your organization

To reduce the risk of vulnerabilities being exploited, they need to be properly managed. In practice, this means a cyclical process consisting of:

– identification,
– classification,
– risk assessment,
– prioritization,
– remediation,
– mitigation of security vulnerabilities.

In 2021 alone, almost 22,000 vulnerabilities were published. Of these, more than 300 are known to be actively exploited in various attack vectors.

Are there systems that support vulnerability management?

Help comes from management-support systems based on CVSS (Common Vulnerability Scoring System), a free and open standard for rating the severity of security vulnerabilities. From the base metrics, which capture the intrinsic characteristics of a given vulnerability, a numerical score is assigned and a severity level is derived (0.0–10.0, mapped to none, low, medium, high or critical). Additionally, knowing the company's IT infrastructure, you can factor in temporal and environmental metrics and use the publicly available CVSS calculator to determine the severity of a vulnerability more precisely. Using this data, IT security teams can build their own threat assessment systems and risk matrices.

What are the drawbacks of existing vulnerability management systems?

This approach has its drawbacks, however. With such a large number of vulnerabilities, the management process becomes time-consuming and inefficient. Given an organization's existing systems and limited resources, it is very difficult to prioritize detected vulnerabilities properly and dynamically in order to limit the risk of an attack. As a result, only a few percent of them ever get fixed.

What is currently the best system for countering vulnerabilities?

One solution that addresses the current limitations of CVSS is the Kenna Security Platform from Cisco's portfolio. It is a risk-based vulnerability management system that takes into account more information than just the technical severity of a vulnerability. The risk score is calculated in context, based on data from multiple sources: vulnerability scanners, application scanners, pentest data, bug bounty programs, system asset databases, CMDB databases, CSV files and data retrieved via REST API. The system also draws on numerous services that track and analyze threats worldwide in real time (threat intelligence), as well as malware, zero-day and exploit databases.

One of the core principles of Kenna Security is that risk scores are dynamic and can change in real time to reflect shifts in attack strategy. The platform delivers a list of vulnerabilities with assigned priorities, risk scores and recommended remediation steps. Concentrating on the smaller set of genuinely high-risk vulnerabilities saves time and resources and reduces the attack surface.

A partner for vulnerability management in your organization

If you want to secure your environment based on best practices and the latest technologies, get in touch with C4PL. Establishing contact is the best first step towards increasing the security of your IT environment.

We start with a talk, not an invoice

15 minutes is enough to tell you where we can help.