Managed Vulnerability Scanning

Essential to Every Information Security Program

November 01, 2018 by Dave McOlgan, Finance IT Services Consultant

If you pay attention to the news, you know threats are abundant in cyberspace and new vulnerabilities emerge on a daily basis. While many may be familiar with viruses, Trojans, worms and other such attack methods, they may be unaware of the abundant vulnerabilities built into the very systems, devices and software that we use every day. In fact, there are currently over 118,000 known vulnerabilities associated with the most common platforms in use in organizations today (NVD.NIST.gov). For an information security program to be effective, it's essential to have a solution to both identify and resolve these threats on a continual basis.

Vulnerability Scanning Defined

Vulnerabilities are flaws or weaknesses present in software, systems, and devices that leave networks, data stores or processes open to attack or compromise. To counter these weaknesses, automated methods are vital to keep your data and systems secure. Vulnerability Scanning is an automated process of proactively scanning networks, systems and devices to determine where these structures are exploitable. A Managed Vulnerability Scanning (MVS) solution identifies, defines and classifies these vulnerabilities, providing specific direction to prioritize the weaknesses and provide a clearer path for remediation. MVS solutions are especially useful for the testing and verification of existing security posture, the testing of newly deployed systems, identifying newly discovered vulnerabilities and in meeting regulatory compliance requirements. Because systems change regularly and new weaknesses are discovered daily, conducting scans on a periodic basis is a necessary measure to identify areas of our environment that must be remediated to best protect our networks, systems and data.

Expanding Threat Landscape

The reach and scope of our networks are continually expanding. Additionally, the internet of things is increasing the number and types of devices involved and creating greater complexity. These factors are increasing the importance of regular, periodic scanning. Traditional networks were limited to firewalls, servers, switches, routers, workstations and other common devices. Today these same networks include Voice over Internet Protocol (VoIP) phone systems, multi-devices, alarms, and thermostats — the list goes on. In fact, the Target Corporation hack, compromising the data of over 70 million consumers, was conducted via a vulnerability in their Heating, Ventilation, and Air Conditioning (HVAC) system. Of course, all of these represent just the authorized devices. Consider that users may add unauthorized devices, like unapproved mobile devices or Amazon's Echo/Alexa, and the challenge compounds. The good news is that there are robust solutions to answer this challenge.

How MVS Helps

Using a Managed Vulnerability Scanning solution to examine your broader network and systems, your organization's IT leaders can identify and respond to the latest threats in a strategic manner. There are two types of scans necessary to help keep things secure. External network scans operate from outside of the network, seeking holes or vulnerabilities in your firewalls and perimeter security, where malicious elements often begin their efforts. Internal vulnerability scanning is conducted in an authorized manner from the inside of the network, scanning all available devices and software for possible weaknesses. Once the vulnerabilities are identified, the MVS solution categorizes them according to the associated risk: critical, very high, high, medium or no-risk. Approaching the vulnerabilities in this way enables business leaders to prioritize the risks and to make strategic decisions on where to focus time, resources, and budget to reduce or eliminate the greatest risks to the organization.

While an MVS solution is just one part of a broader security strategy in a layered security structure, it is an essential element in protecting your network, systems and data. Implemented properly and executed regularly, the MVS solution provides better visibility, enabling leaders to work strategically to secure areas of potential compromise.