Barron Rosborough, 8/17/18 12:43 PM

Hundreds of millions of records have been stolen in recent corporate data loss incidents

All of these compromised networks had patching programs in place. Yet every one of them fell victim to a KNOWN vulnerability, meaning that the weaknesses that hackers used were well described and discussed in the public domain and that, in theory, patches or work-arounds existed.

The obvious lesson is that automated patching solutions are not keeping up. Apparently neither were the enterprise grade firewalls, antivirus programs and IPS/IDS programs these major corporations had in place.

Patching Strengths and Weaknesses

Patching is vital. However, it has its costs and as the frequency of patch publication increases, a point may be reached where existing resources are not enough to keep up.

For example, Microsoft alone releases over 300 patches a year. A typical organization needs fewer than 30. Installing patches just because they were published means increasing downtime and taking the risk that a patch might break existing functionality - all of that unnecessarily. Additionally, many serious network vulnerabilities are not coding flaws but configuration issues.

You may have every Microsoft patch in place, but if you are also running Linux, Mac, Cisco and Oracle devices in your network then patching as recommended by just the major vendors is not enough. Installing every patch from every vendor is an administrative headache to say the least.

Also keep in mind that most networks have accumulated applications and code that are no longer in constant use but are kept around, just in case. If these are not actively patched, they offer an easy avenue of entry into your system.

Patching Headache? Here's Your Aspirin:

The term 'back door' is appropriate. The most elaborate home security system will not keep a thief from attempting to walk through a wide-open back door. The known network vulnerabilities on your system today are that wide-open door. Instead of adding more layers of alarms, how about just finding and closing the door?

Vulnerability scanning is the vital fourth pillar of your security strategy. Firewalls, antivirus and IPS/IDS react to attacks, while Vulnerability Assessment and Management will remove the incentive to attack at all.

Since nearly 90% of all data breaches are accomplished using known vulnerabilities, here's the best security strategy: Find your actual, current and real vulnerabilities and put your security resources to work eliminating them. Then, when your network has no known vulnerabilities, you can confidently put your attention on the issues that will actually move your company forward!

Find and handle your network vulnerabilities with beSECURE, the Automated Vulnerability Detection System, your web server vulnerabilities with WSSA and your application vulnerabilities using beSTORM.
