Closing the Vulnerability Gap

October 7, 2015

Managing vulnerabilities is a significant challenge for many organizations. The main difficulties manifest in two key areas. The first is that the list isn’t static. It seems that new vulnerabilities are discovered almost daily, adding to our list (assuming we are scanning regularly). In what are considered relatively small environments, the list of vulnerabilities can run into the thousands; for enterprises it can seem like a tsunami of vulnerabilities.

The other key area of concern revolves around the vulnerabilities that need to be addressed first. Many organizations sort their list by severity, starting with high severity and working down through the medium, low and finally the informational vulnerabilities. Others will use CVSS score or PCI severity. For smaller environments with a few tens or hundreds of systems it may be possible to get to the bottom of the list. For many, however, the task of completing the high severities alone can seem insurmountable (and often is).

The primary objective should be to discover which of those vulnerabilities pose the greatest risk to your organization, and severity, CVSS score or PCI severity simply isn’t enough for that. If you can mitigate the vulnerabilities through which you are most likely to be attacked as task #1, then you can dramatically reduce the attack surface you are presenting to the outside world.

Kmart and David Jones have both recently suffered intrusions via WebSphere vulnerabilities. While we don’t have specifics on which vulnerabilities were actually used, there is speculation in the press that both were related to one recently discovered. There have been 235 WebSphere vulnerabilities discovered (or updated) in the past 3 years alone (according to the National Vulnerability Database). Many of those, like the vulnerability suspected of being used, are medium severity vulnerabilities.

If our list of vulnerabilities has thousands of high severity vulnerabilities with more being added daily, how will we ever get to those that might cause immediate harm? This is where your vulnerability management solution choice is critical. The tool you choose needs to understand what makes a vulnerability into a significant risk to your environment, and that’s the availability of an exploit. A vulnerability without a known exploit is, for a hacker, similar to having to navigate around the outskirts of the city to get to the other side of a busy street with fast moving traffic. It’s a lot of work to get there, but if there’s a clearly signed crossing then anyone would take that route; it’s easy.

Hackers are using vulnerability scanners; they are looking for the same information you are. They are comparing the discovered vulnerabilities to the lists of exploits that they have to hand. If they find an IP address with an easily exploitable vulnerability, then it’s simple to get in and take a look around. If there’s something of value then we’re going to hear about it in the press; if not, no-one may ever know. The picture of the hacker spending hours, days, weeks or even months to break into your network is the exception, and then the hacker needs to know there’s value in breaking in. For many, it’s just a drive-by/opportunist activity.

You need tools that will find all the vulnerabilities across all your platforms: not just Windows, Linux and Unix but also infrastructure devices such as Cisco, Juniper, etc. What about mobile devices such as Android, iOS, BlackBerry and Windows Phone? Cloud systems such as AWS, GoGrid, Rackspace, etc.? Wherever your data lives you need to be scanning, but that’s just adding vulnerabilities that need to be worked through. If your tool gives you the number of known exploits available for each vulnerability (including exploit toolkits) then we have a much better filter to target our efforts.

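The filter described above, as an added example that is not part of the original post and is not Retina's code: it orders the same findings by severity and by known-exploit count, then counts how many exploitable findings are still open after a fixed amount of remediation work. The `Finding` fields, the `VULN-*` identifiers and all sample values are constructed, standing in for a hypothetical scanner export.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    host: str
    vuln_id: str    # constructed placeholder, not a real identifier
    severity: str   # high / medium / low / info
    cvss: float
    exploits: int   # known exploits reported by the scanner (assumed field)

SEVERITY_RANK = {"high": 3, "medium": 2, "low": 1, "info": 0}

# Constructed sample data for illustration only.
FINDINGS = [
    Finding("web01", "VULN-A", "high", 9.0, 0),
    Finding("web01", "VULN-B", "medium", 5.0, 4),
    Finding("db01", "VULN-C", "high", 8.1, 0),
    Finding("app02", "VULN-D", "medium", 6.4, 2),
    Finding("app02", "VULN-E", "low", 3.5, 1),
    Finding("fw01", "VULN-F", "high", 7.8, 1),
    Finding("mail01", "VULN-G", "info", 0.0, 0),
    Finding("db01", "VULN-H", "high", 9.3, 0),
]

def by_severity(findings):
    """Traditional ordering: severity band first, then CVSS score."""
    return sorted(findings, reverse=True,
                  key=lambda f: (SEVERITY_RANK[f.severity], f.cvss))

def exploit_first(findings):
    """Exploit-first ordering: known-exploit count, then severity and CVSS."""
    return sorted(findings, reverse=True,
                  key=lambda f: (f.exploits, SEVERITY_RANK[f.severity], f.cvss))

def exploitable_remaining(ordered, budget):
    """Findings with a known exploit still open after fixing the first `budget`."""
    return sum(1 for f in ordered[budget:] if f.exploits > 0)

if __name__ == "__main__":
    for name, order in (("severity", by_severity), ("exploit-first", exploit_first)):
        ranked = order(FINDINGS)
        print(name, [f"{f.vuln_id}({f.severity},{f.exploits})" for f in ranked])
        for budget in (3, 4):
            left = exploitable_remaining(ranked, budget)
            print(f"  after fixing {budget}: {left} exploitable findings remain")
```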
If you mitigate the vulnerabilities with known exploits first then you are no longer an easy target, and the hacker is much more likely to move along. You are getting the biggest return for your investment and the largest reduction in risk for the effort involved in the mitigations. Unsurprisingly, when you sort the list of vulnerabilities by the number of exploits, medium, low and informational severity vulnerabilities bubble quickly to the top of the list.

BeyondTrust’s Retina Vulnerability Management solutions give you the visibility you need to see across your estate and the focus to help you attack the vulnerabilities with exploits first. The BeyondTrust Research team is continually updating our vulnerability database with details of new vulnerabilities and newly published exploits, which are delivered directly to your Retina implementations. Retina gives you the opportunity to take back control. Contact us today for a free trial.

Brian Chappell | BeyondTrust | Director, Technical Services | EMEAI & APAC

Brian Chappell, Director, Product Management

Brian has more than 25 years of IT and cybersecurity experience in a career that has spanned niche system integrators, PC and Software vendors, and high-tech multi-nationals. He has held senior roles in both the vendor and the enterprise space in companies such as Amstrad plc, BBC Television, GlaxoSmithKline, and BeyondTrust. At BeyondTrust, Brian leads the Product Management of the flagship Password Safe product globally, ensuring the delivery of a world-class, industry-leading Privileged Password and Session Management solution. Brian can also be found speaking at conferences, authoring articles and blog posts, as well as providing expert commentary for the world press.
