BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Plugging Into Your Remediation Process

Post by Morey Haber June 21, 2011

My team and I have spoken with a number of analysts and have confirmed that the plethora of vulnerability assessment solutions on the market share a common trait and a common flaw, the shear volume of reports that can be created based on a vulnerability assessment. Every scan can lead to a myriad of hosts and vulnerabilities that need remediation and pages upon pages of work for another team to execute upon. This is where Unified Vulnerability Management plugs into a remediation process. In some organizations, this process is a paper based report (or PDF) forwarded to the server or desktop administration team to apply security patches or a process of opening help desk tickets to various team members to perform remediation. Both of which is very labor intensive. Some organizations have embarked on patch management integration to streamline the process and others believe in a separate and distinct separation of duties.

The process regardless of the internal procedures to pass data generally looks like this:

An assessment finds the vulnerability, something or someone mitigates the security risk, the risk is verified remediated, and final reports trend the progress over time. The labor intensive process occurs between the first two steps as volumes of reports are produced and an administrator must decipher them to apply the appropriate patch and ultimately deploy it using tools or even “sneaknet” for all affected systems.

This is where eEye can help. eEye’s Unified Vulnerability Management approach considers the vulnerability assessment and patch mitigation as in an integrated step in the process. Users can go from vulnerability identification to patch deployment in one easy step with complete role based access and without the need for lengthy reports and manual procedures.  In fact, this integrated process also includes protection against threats even if the patch is not deployed. Below is a screenshot directly from the Retina CS management console that highlights this functionality:

Essentially, eEye has plugged the remediation process directly into vulnerability assessment. This removes the burden that analysts and users agree upon. How to shorten the time from vulnerability identification, report generation, and patch mitigation to nearly day zero with out the need for tons of reports and manual intervention. Environments with strict segregation of responsibilities can also benefit from this approach due to the unique role based capabilities built into the solution.

For more information on how eEye can help integrate your remediation process directly into vulnerability assessment, please click here.

Additional articles

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,

Vulnerability Expert Forum Highlights: April 2014

We had a great turnout for last week’s April 2014 Vulnerability Expert Forum (VEF) webcast. BeyondTrust Research experts, Carter and DJ, provided in-depth knowledge about the latest vulnerabilities and their potential impacts on network environments. Below are highlights from the Forum, plus an on-demand video of the presentation. Latest critical vulnerabilities, vendor patches, and zero-day…

Post by Chris Burd April 16, 2014
Tags:
, , , , ,
BI-5.1-user-asset-visibility-img

Understanding Who Has Access to What with BeyondInsight v5.1

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management. BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their…

Post by Morey Haber April 15, 2014
Tags:
, , , , , , , , , , , ,