SANS 20 Critical IT Controls – #10: Continuous Vulnerability Assessment

Attackers are constantly on the prowl for new vulnerabilities to exploit. You can expect hackers to launch numerous attacks right after a vulnerability is discovered and announced. That is why it is important to apply vulnerability patches almost immediately after the vendor makes the patch available to you.

The key to protecting yourself against new vulnerabilities is to continuously scan your networks – you must scan with automated scanning tools on a weekly or even a daily basis. Make sure your vulnerability scanning tool is up to date: vendors announce new vulnerabilities almost daily, so the tool vendor must update the tool's checks accordingly, and you must pull those updates.

The daily and weekly scans you run are most often unauthenticated vulnerability scans. While these scans give you a hacker's view of your systems and test what is exposed to the network, they have limitations because they cannot log in to the system and see missing patches or weak configurations from the inside. Therefore, you must also perform a credentialed scan, also called an authenticated scan, every quarter, to analyze the security of your network.

You must ensure that you are addressing each vulnerability in one of three ways: patching, implementing a compensating control, or formally accepting the business risk of doing nothing. To make sure you are meeting minimum scanning standards, use government-approved scanning configuration files for your scanning. Above all, make sure critical security patches are tested and pushed to production as soon as possible. Automated patch management tools and software update tools are also very helpful in reducing your exposure to newly discovered security vulnerabilities.
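The three requirements above (scan on a fixed cadence with a current tool, pair unauthenticated scans with quarterly credentialed ones, and give every finding a recorded disposition) are easiest to enforce if the scan results land in a tracker that flags what is slipping. The following is an added example of such a tracker, not code from SANS or from any scanner vendor. The scan-result record layout, the host names, the `VULN-000n` finding IDs (placeholders, not real CVE numbers), the freshness limits and the per-severity SLA windows are all constructed assumptions; substitute your scanner's export format and your own policy numbers.

```python
"""Vulnerability-management tracker: scan cadence, remediation disposition, SLA.

Added example, not SANS's or any vendor's code. The record layout, hosts,
finding IDs, freshness limits and SLA windows are constructed assumptions.
"""
from datetime import date

# Cadence the control calls for: unauthenticated scans at least weekly,
# credentialed scans quarterly, and the scanner's vulnerability feed refreshed
# frequently. The numeric limits here are assumptions, not SANS figures.
MAX_AGE_DAYS = {"unauthenticated": 7, "authenticated": 90, "feed_update": 2}

# Remediation SLAs by severity in days (assumed). Every open finding must end
# in one of the three dispositions the control allows; anything else is open.
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}
VALID_DISPOSITIONS = {"patched", "compensating_control", "risk_accepted"}

# Constructed sample scan results. IDs are placeholders, not real CVEs.
FINDINGS = [
    {"host": "web01", "id": "VULN-0001", "severity": "critical",
     "first_seen": date(2024, 3, 1), "scan_type": "unauthenticated",
     "disposition": None},
    {"host": "web01", "id": "VULN-0002", "severity": "high",
     "first_seen": date(2024, 2, 10), "scan_type": "authenticated",
     "disposition": "patched"},
    {"host": "db01", "id": "VULN-0003", "severity": "medium",
     "first_seen": date(2024, 1, 5), "scan_type": "authenticated",
     "disposition": "compensating_control"},
    {"host": "db01", "id": "VULN-0004", "severity": "low",
     "first_seen": date(2023, 9, 1), "scan_type": "unauthenticated",
     "disposition": "ignored"},  # not an allowed disposition: still open
    {"host": "app02", "id": "VULN-0005", "severity": "high",
     "first_seen": date(2024, 1, 20), "scan_type": "unauthenticated",
     "disposition": None},
]

# Constructed dates of the last completed scan of each kind and of the last
# plugin/signature update applied to the scanner.
LAST_RUNS = {
    "unauthenticated": date(2024, 3, 9),
    "authenticated": date(2023, 11, 15),
    "feed_update": date(2024, 3, 9),
}

# Fixed "today" so the sample output is reproducible.
TODAY = date(2024, 3, 10)


def stale_activities(last_runs, today, max_age=MAX_AGE_DAYS):
    """Return the scan/update kinds whose last run is older than allowed."""
    return sorted(
        kind for kind, limit in max_age.items()
        if (today - last_runs[kind]).days > limit
    )


def overdue_findings(findings, today, sla=SLA_DAYS):
    """Findings with no valid disposition that are past their SLA window.

    A disposition outside VALID_DISPOSITIONS (such as "ignored") counts as
    open: doing nothing is only acceptable when the risk is explicitly accepted.
    Returns (host, id, severity, age_in_days) tuples in input order.
    """
    overdue = []
    for f in findings:
        if f["disposition"] in VALID_DISPOSITIONS:
            continue
        age = (today - f["first_seen"]).days
        if age > sla[f["severity"]]:
            overdue.append((f["host"], f["id"], f["severity"], age))
    return overdue


def hosts_without_credentialed_scan(findings):
    """Hosts that only ever appear in unauthenticated results.

    An unauthenticated scan shows the attacker's view; without a credentialed
    scan of the same host, missing patches inside the box go unnoticed.
    """
    seen = {}
    for f in findings:
        seen.setdefault(f["host"], set()).add(f["scan_type"])
    return sorted(h for h, kinds in seen.items() if "authenticated" not in kinds)


if __name__ == "__main__":
    print("stale scan activities:", stale_activities(LAST_RUNS, TODAY))
    print("overdue findings:", overdue_findings(FINDINGS, TODAY))
    print("hosts lacking a credentialed scan:",
          hosts_without_credentialed_scan(FINDINGS))
```

Run as a script it reports the quarterly credentialed scan as overdue (last run in November against a March date), three findings past their SLA including the one marked "ignored", and one host that has never been scanned with credentials. In practice the three lists would be fed from the scanner's export after each run; the point is that "no disposition" and "an unrecognised disposition" are treated identically as open work.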
