BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Plugging Into Your Remediation Process

Posted June 21, 2011    Morey Haber

My team and I have spoken with a number of analysts and have confirmed that the plethora of vulnerability assessment solutions on the market share a common trait and a common flaw, the shear volume of reports that can be created based on a vulnerability assessment. Every scan can lead to a myriad of hosts and vulnerabilities that need remediation and pages upon pages of work for another team to execute upon. This is where Unified Vulnerability Management plugs into a remediation process. In some organizations, this process is a paper based report (or PDF) forwarded to the server or desktop administration team to apply security patches or a process of opening help desk tickets to various team members to perform remediation. Both of which is very labor intensive. Some organizations have embarked on patch management integration to streamline the process and others believe in a separate and distinct separation of duties.

The process regardless of the internal procedures to pass data generally looks like this:

An assessment finds the vulnerability, something or someone mitigates the security risk, the risk is verified remediated, and final reports trend the progress over time. The labor intensive process occurs between the first two steps as volumes of reports are produced and an administrator must decipher them to apply the appropriate patch and ultimately deploy it using tools or even “sneaknet” for all affected systems.

This is where eEye can help. eEye’s Unified Vulnerability Management approach considers the vulnerability assessment and patch mitigation as in an integrated step in the process. Users can go from vulnerability identification to patch deployment in one easy step with complete role based access and without the need for lengthy reports and manual procedures.  In fact, this integrated process also includes protection against threats even if the patch is not deployed. Below is a screenshot directly from the Retina CS management console that highlights this functionality:

Essentially, eEye has plugged the remediation process directly into vulnerability assessment. This removes the burden that analysts and users agree upon. How to shorten the time from vulnerability identification, report generation, and patch mitigation to nearly day zero with out the need for tons of reports and manual intervention. Environments with strict segregation of responsibilities can also benefit from this approach due to the unique role based capabilities built into the solution.

For more information on how eEye can help integrate your remediation process directly into vulnerability assessment, please click here.

Additional articles

pbps-customer-campaign-image

You Change Your Oil Regularly; Why Not Your Passwords?

Posted September 11, 2014    Chris Burd

There are many things in life that get changed regularly:  your car oil, toothbrush and hopefully, your bed sheets.  It’s rare that you give these things much thought – even when you forget to change them. But what if you’re forgetting something that can cost you millions of dollars if left unchanged for long periods…

Tags:
, , ,

On-Demand Webcast: The Little JPEG that Could (Hack Your Organization) with Marcus Murray

Posted September 10, 2014    Chris Burd

IT security has come a long way, but every once in a while you see something that makes you think otherwise. Every day, internal and external hackers breach and traverse “secure” environments, making you wonder just how easy it is for attackers to completely compromise your network. In a new on-demand BeyondTrust webcast, Marcus Murray,…

Tags:
, , , , ,

Retina Vulnerability Audits – September 2014 Patch Tuesday

Posted September 9, 2014    BeyondTrust Research Team

The following is a list of Retina vulnerability audits for this September 2014 Patch Tuesday: MS14-052 – Cumulative Security Update for Internet Explorer (2977629) 35141 – Microsoft Cumulative Security Update for Internet Explorer (2977629) 35142 – Microsoft Cumulative Security Update for Internet Explorer (2977629) – IE8/2003 35143 – Microsoft Cumulative Security Update for Internet Explorer (2977629) – IE8…