Barron Rosborough, 8/17/18 12:43 PM

Hundreds of millions of records have been stolen in recent corporate data loss incidents

All of these compromised networks had patching programs in place. Yet every one of them fell victim to a KNOWN vulnerability, meaning that the weaknesses that hackers used were well described and discussed in the public domain and that, in theory, patches or work-arounds existed.

The obvious lesson is that automated patching solutions are not keeping up. Apparently neither were the enterprise grade firewalls, antivirus programs and IPS/IDS programs these major corporations had in place.

Patching Strengths and Weaknesses

Patching is vital. However, it has its costs, and as the frequency of patch publication increases, a point may be reached where existing resources are not enough to keep up.

For example, Microsoft alone releases over 300 patches a year. A typical organization needs fewer than 30. Installing patches just because they were published means increasing downtime and taking the risk that a patch might break existing functionality - all of that unnecessarily. Additionally, many serious network vulnerabilities are not poor coding issues but rather configuration issues.

You may have every Microsoft patch in place, but if you are also running Linux, Mac, Cisco and Oracle devices in your network then patching as recommended by just the major vendors is not enough. Installing every patch from every vendor is an administrative headache to say the least.

Also keep in mind that most networks have accumulated applications and code that are no longer in constant use but are kept around, just in case. If these are not actively patched, they offer an easy avenue for entry to your system.

Patching Headache? Here's Your Aspirin:

The term 'back door' is appropriate. The most elaborate home security system will not keep a thief from attempting to walk into a wide open back door. The known network vulnerabilities on your system today are that wide open door. Instead of adding more layers of alarms, how about just finding and closing the door?

Vulnerability scanning is the vital fourth pillar of your security strategy. Firewalls, antivirus and IPS/IDS react to attack while Vulnerability Assessment and Management will remove the incentive to attack at all.

Since nearly 90% of all data breaches are accomplished using known vulnerabilities, here's the best security strategy: Find your actual, current and real vulnerabilities and put your security resources to work eliminating them. Then, when your network has no known vulnerabilities, you can confidently put your attention on the issues that will actually move your company forward!

Find and handle your network vulnerabilities with beSECURE, the Automated Vulnerability Detection System; your web server vulnerabilities with WSSA; and your application vulnerabilities with beSTORM.
