Posted on April 20, 2016 by lexi
If you’ve been following the series so far, you have a pretty good idea of what high quality vulnerability management looks like by now.
You understand the need for vulnerability management and which roles you’ll need to fill. You know how to scan for vulnerabilities and why it’s vital to categorize them by business risk.
Most importantly, you know that trying to undertake all this manually would be functionally impossible.
In order to construct and maintain a consistent, effective vulnerability management process, some form of automation is essential.
And, of course, a vulnerability scanner is the obvious place to start… but it’s not the only thing to consider.
As you now know, with vulnerability management, the devil is in the detail. With multiple processes to consider and different people involved at each stage, workflow becomes of paramount importance.
That’s where TraceCSO, TraceSecurity’s cloud-based IT GRC platform, comes in.
Scanning for Assets and Vulnerabilities
In a previous article in this series, we explained that vulnerability management can be boiled down to five stages:
TraceCSO includes a comprehensive built-in vulnerability scanner, which immediately ticks off the latter part of stage one as well as stages two and five.
You’ll be able to configure your scan template, selecting how often you’d like scans to run and on which days and times. You’ll also be able to choose whether you’d like the scanner to log in to your network with specially assigned credentials – an option which will enable the scanner to return more detailed asset data. You will then enter the systems you would like to scan. This can be in the form of individual IP addresses or ranges of addresses.
Once all this is done, you can (if you wish) simply allow TraceCSO to conduct all your vulnerability scans for you by scheduling recurring scans, leaving you free to focus your resources on remediation.
Scanning and rescanning is the foundation upon which vulnerability management is built. Unless you’ve tried to construct an effective vulnerability management process before, it’s difficult to explain just how much time and effort is saved by automating your scanning process in this way.
But it doesn’t stop there.
Because the TraceCSO scanner returns data for both assets and vulnerabilities and can even log in to your network, it has access to information that will become vital in the next stage of your process: prioritizing vulnerabilities.
Prioritizing Vulnerabilities, the Easy Way
Once you’ve run a scan (or a scheduled scan has run automatically) you’ll be confronted by a list of detected vulnerabilities. Now, before you can start fixing them, it’s your job to arrange them into an order that befits the risk they pose to your organization.
TraceCSO can tell you precisely which (and how many) assets are being affected by each vulnerability. Not only that, the system will provide a detailed description of each vulnerability, links to relevant reference articles for further information, and a clear explanation of how it can be remediated.
It doesn’t take a genius to see how beneficial this information is to the vulnerability prioritization process.
Remediation and the Art of Avoiding Resource Wastage
Of course, no matter how good a software solution is, it’ll never completely remove the need for competent staff.
In the case of vulnerability management, this is never truer than when it comes to the vital job of remediating detected vulnerabilities.
Whether you need to install a patch, change some settings, or upgrade an outdated asset, remediation is where the real benefit of vulnerability management comes from. The key, then, is to conduct your remediation efforts in the most efficient, orderly, and effective manner possible.
This is where TraceCSO really shines.
Since it’s likely that several staff will be involved with the process, TraceCSO allows for multiple user accounts to be set up. Staff members can be assigned individual issues and be notified via email when they have an issue to handle. When a member of staff works through your prioritized list of vulnerabilities, the system enables them to mark each entry according to its status.
Whether you’ve decided to accept a vulnerability for now, it’s in the process of being fixed, or it’s already been successfully remediated, TraceCSO can be updated accordingly. This should completely cut out the possibility of duplicating effort – a surprisingly common occurrence when completing remediation tasks without a dedicated workflow platform.
Not only that, you can run detailed reports to display the status of both open and closed vulnerabilities, making the job of updating your executive team dramatically easier than it would otherwise be.
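The prioritization and remediation workflow described in the last two sections, as an added illustration that is not TraceCSO code or output: it collapses constructed per-asset scan findings into one issue per vulnerability, ranks them by severity weighted with an assumed per-asset business criticality, enforces the accept/in-progress/remediated status transitions, records an owner, and produces the open-versus-closed summary. The vulnerability identifiers, addresses and criticality weights are all made up.

```python
from dataclasses import dataclass, field
# Constructed sample findings (not real scanner output): one row per (asset, vulnerability).
SCAN_FINDINGS = [
    {"asset": "10.0.0.5", "vuln": "VULN-A", "severity": 9.8},
    {"asset": "10.0.0.6", "vuln": "VULN-A", "severity": 9.8},
    {"asset": "10.0.0.7", "vuln": "VULN-A", "severity": 9.8},
    {"asset": "10.0.0.5", "vuln": "VULN-B", "severity": 5.3},
    {"asset": "10.0.0.9", "vuln": "VULN-C", "severity": 7.5},
]
# Constructed business-criticality weight per asset (3 = most critical).
ASSET_CRITICALITY = {"10.0.0.5": 3, "10.0.0.6": 1, "10.0.0.7": 1, "10.0.0.9": 2}
# Permitted status transitions; a rescan that re-detects an issue reopens it.
TRANSITIONS = {
    "open": {"in_progress", "accepted"},
    "in_progress": {"remediated", "accepted", "open"},
    "accepted": {"open"},
    "remediated": {"open"},
}
@dataclass
class Issue:
    vuln: str
    severity: float
    assets: set = field(default_factory=set)
    status: str = "open"
    owner: str = None
    def risk(self, criticality):
        # Severity weighted by how many assets are hit and how critical each one is.
        return self.severity * sum(criticality.get(a, 1) for a in self.assets)

def aggregate(findings):
    # Collapse per-asset findings into one trackable issue per vulnerability.
    issues = {}
    for f in findings:
        issues.setdefault(f["vuln"], Issue(f["vuln"], f["severity"])).assets.add(f["asset"])
    return issues

def prioritize(issues, criticality):
    return sorted(issues.values(), key=lambda i: i.risk(criticality), reverse=True)

def set_status(issue, new, owner=None):
    # Enforce the workflow so an issue cannot be closed out of order; record who owns it.
    if new not in TRANSITIONS[issue.status]:
        raise ValueError(f"{issue.vuln}: {issue.status} -> {new} not allowed")
    issue.status, issue.owner = new, owner or issue.owner
    return issue

def report(issues):
    closed = {"accepted", "remediated"}  # accepted risk counts as closed in the summary
    return {"open": sorted(v for v, i in issues.items() if i.status not in closed),
            "closed": sorted(v for v, i in issues.items() if i.status in closed)}
```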
In essence, the workflow aspect of TraceCSO enables you to organize your vulnerability management efforts in a highly structured and effective manner. As we’ve already discussed in previous articles, consistency is the name of the game, and (in our opinion) there is simply no better way to construct a consistent and effective vulnerability management process than by building it around the TraceCSO platform.
Want to detect vulnerabilities within your network right away? Take a test drive of the vulnerability management capabilities within the TraceCSO platform with our free 30-day trial offer. See first-hand how TraceCSO’s built-in scanner facilitates unlimited management of your organization’s internal and external vulnerabilities.