Vulnerability Management

Cybersecurity terms can be hard to understand. Vulnerability management, pen testing, and least privilege access are some examples of terms you may have heard or read about. In this blog series, Cybersecurity Terms and Definitions, we will define these terms and explain what they mean for your organization. In this first part, Accellis Technology Group Director of Cybersecurity Tom Fazio defines vulnerability management.

Vulnerability management is a crucial piece of your security program for maintaining a secure environment. A vulnerability, sometimes referred to as a security hole, is a weakness in software, hardware, configuration, or a process that a bad actor can exploit to gain unauthorized access to an asset for theft or another malicious purpose.

The common components of vulnerability management are detection, assessment, and remediation. First, a vulnerability scan is run to search and examine network assets such as computers, firewalls, and software. The scanner uses a database of known security holes and systematically checks the scanned assets against it. The scans are very thorough, examining each service and port of the asset to detect anomalies in packet construction and potential paths to exploitable programs or scripts.

Once the scanner builds a list of detected vulnerabilities, a cybersecurity engineer plans out a course of remediation. Remediation could be as simple as applying a vendor patch, or it may require reconfiguring the device according to an updated best practice. In some cases, remediation cannot be completed because of a business need or a nonexistent patch; we call those cases exceptions. If an exception is identified, we may put in a risk mitigator, such as an additional firewall layer, or have a plan for decommissioning.

Pen tests (penetration testing), which we will define in part 2 of this blog series, may be automated or performed manually. They involve gathering information about the target before the test, identifying possible entry points, attempting to breach the system, and reporting findings. We will discuss pen tests in our next blog article.

