Barron Rosborough, 8/17/18 12:43 PM

Hundreds of millions of records have been stolen in recent corporate data loss incidents

All of these compromised networks had patching programs in place. Yet every one of them fell victim to a KNOWN vulnerability, meaning that the weaknesses that hackers used were well described and discussed in the public domain and that, in theory, patches or work-arounds existed.

The obvious lesson is that automated patching solutions are not keeping up. Apparently neither were the enterprise-grade firewalls, antivirus programs and IPS/IDS programs these major corporations had in place.

Patching Strengths and Weaknesses

Patching is vital. However, it has its costs and as the frequency of patch publication increases, a point may be reached where existing resources are not enough to keep up.

For example, Microsoft alone releases over 300 patches a year. A typical organization needs fewer than 30. Installing patches just because they were published means increasing downtime and taking the risk that a patch might break existing functionality - all of that unnecessarily. Additionally, many serious network vulnerabilities are not the result of poor coding but of configuration issues.

You may have every Microsoft patch in place, but if you are also running Linux, Mac, Cisco and Oracle devices in your network then patching as recommended by just the major vendors is not enough. Installing every patch from every vendor is an administrative headache to say the least.

Also keep in mind that most networks have accumulated applications and code that are no longer in constant use but are kept around, just in case. If these are not actively patched, they offer an easy avenue of entry into your system.

Patching Headache? Here's Your Aspirin:

The term 'back door' is appropriate. The most elaborate home security system will not keep a thief from attempting to walk into a wide open back door. The known network vulnerabilities on your system today are that wide open door. Instead of adding more layers of alarms, how about just finding and closing the door?

Vulnerability scanning is the vital fourth pillar of your security strategy. Firewalls, antivirus and IPS/IDS react to attack while Vulnerability Assessment and Management will remove the incentive to attack at all.

Since nearly 90% of all data breaches are accomplished using known vulnerabilities, here's the best security strategy: Find your actual, current and real vulnerabilities and put your security resources to work eliminating them. Then, when your network has no known vulnerabilities, you can confidently put your attention on the issues that will actually move your company forward!

Find and handle your network vulnerabilities with beSECURE, the Automated Vulnerability Detection System, your web server vulnerabilities with WSSA and your application vulnerabilities using beSTORM.
