Vulnerability Remediation: 5 Steps Toward Building an Effective Process

Vulnerability Remediation

To our detriment, new software vulnerabilities are discovered on an almost daily basis. This becomes a serious issue for security professionals and organizations alike. There must be a process that companies can use to ensure they will not fall victim to these vulnerabilities. The best way to do this is to institute both vulnerability and patch management programs. This blog provides five key areas security professionals can focus on for establishing these programs.

The Vulnerability Management Process: Summarized

According to the SANS Institute, vulnerability management is the means of detecting, removing and controlling the inherent risk of vulnerabilities. The purpose of an organization’s vulnerability assessment program is to establish controls and processes that will help the organization identify its vulnerabilities within the firm’s technology infrastructure and information system components. This is essential because these vulnerabilities can potentially be exploited by attackers who seek to gain unauthorized access to the organization’s systems, disrupt its business operations, and steal or leak sensitive data.

Once vulnerabilities are found, the best way to mitigate the vulnerability is to deploy patches that address the vulnerabilities, if any exits. The purpose of an organization’s patch management program and policy is to identify controls and processes that will provide the organization with the appropriate protection against the vulnerabilities and threats identified by the vulnerability assessment program. These vulnerabilities and threats could adversely affect the security of the organization’s information system and data entrusted on the information system.

Last week I hosted a webinar "5 Key Areas to Consider When Building an Effective Vulnerability Management Program" – watch it now on-demand.

5 Tips to Secure Against Known Vulnerabilities

Following are five tips that can be used to effectively implement controls that can assist organizations to create a consistently configured environment that is secure against known vulnerabilities.

1) Implement a threat monitoring process that will allow your security team to constantly gather information about the newest or emerging threats that may affect your organization

It is imperative that your security team stay current on these threats. They do this by reviewing vender notifications of threats, patches and system updates as well as getting information from US CERT, which is always kept up to date with the latest information. Any threats the team uncover need to be addressed by vulnerability remediation management.

2) Conduct regular vulnerability assessments

This is not something you do once and forget. Assessment is a continuous process because the assessment is only a point in time snapshot of your situation and can change as new vulnerabilities are discovered. Therefore, you must ensure that you establish a formal program with defined roles and responsibilities that focus on developing and maintaining good vulnerability processes and procedures.

3) Establish and enforce baseline configurations

Standardize the configuration of similar technology assets within your organization based on documented configurations in accordance with applicable policies. Your security team must ensure that they document all baseline configurations within your environment and also ensure that these documents are kept up to date and are integrated as part of your system build process and is enforced throughout your organization.

4) Remediate vulnerabilities

This is the practice of evaluating the vulnerabilities you have identified, assigning risk to those vulnerabilities, planning responses to the vulnerabilities and then tracking any actions taken towards mitigating the vulnerabilities you find. Discovering faults and doing nothing about them is useless and will leave your organization susceptible to many threats.

5) Patch vulnerabilities

Vulnerability and patch management is best conducted in the following manner:

First you must have processes in place to identify and confirm vulnerabilities using appropriate tools and services that will help you identify suspected or confirmed threat to your organization.
Next you analyze your finding in order to thoroughly understand what the risks are. Without a true understanding, how can you put the correct measure in place to deal with them.
After you perform your analysis, you fix the problems.
Once your “fix” is in place, you must rescan or retest to first ensure your fix took and then to ensure that it was effective.

By following these recommendations I have provided you here, you are well on your way to securing your organization again vulnerabilities and threats that can cause serious harm if not checked.

Next Steps

Watch my on-demand webinar "5 Key Areas to Consider When Building an Effective Vulnerability Management Program", or contact us for a personalized demo.

Derek A. Smith

Founder, National Cybersecurity Education Center

Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently the Director of Cybersecurity Initiatives for the National Cybersecurity Institute at Excelsior College, responsible to perform complex duties relating to the development and coordination of cyber initiatives at NCI. Formerly, he has worked for a number of IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He has also taught business and IT courses at several universities for over 20 years. Derek has served in the US Navy, Air Force and Army for a total of 24 years. He completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education.

You May Also Be Interested In:

Webcasts

The PCI DSS Compliance Essentials: Top 10 Things You Need to Know

Webcasts

Expert Tips to Help You Get the Most Out of Your Vulnerability Management Solution

Whitepapers

Privileged Access Management Solutions

Products

Use Cases

Resources

Privileged Access Threat Report 2019

On the Blog

News