Vulnerability Management - RH-ISAC Blog

Digital transformation efforts continue to accelerate and are pivotal for industries to sustain business and ensure growth. The major challenge is securing applications against malicious bots. Marshalling the resources to achieve this requires explaining the quantitative and qualitative impacts bots have on your business in terms your board and C-Suite will understand. As a business…

The NIST Cybersecurity Framework was first drafted by the National Institute of Standards and Technology in 2014, with the latest version, version 1.1, following in 2018. It provides a set of guidelines for organizations looking to improve their overall security posture, particularly when it comes to risk management. The core tenets of the Framework can…

A vulnerability is a flaw or weakness in a system that, if exploited, would allow a user to gain unauthorized access to conduct an attack. Vulnerability management is the process of identifying, prioritizing, mitigating, and reporting on vulnerabilities to proactively reduce your cyber risk. The first step of that process, identifying, is where vulnerability assessments…

Best practices for vulnerability management really start with the network. By definition, network vulnerability management touches all aspects of your environment, every connected device, operating system, hardware, software, firewalls, and more. An unsecured Wi-Fi router, an IoT device with over permissive access control, or a firewall misconfiguration could be an entry point for an attacker…

It is likely that you already have a vulnerability management process in place, but perhaps you’d like to rate the effectiveness of that program and identify areas that you can improve. The SANS Vulnerability Management Maturity Model is a chart that can help you categorize your current program capabilities and develop a roadmap for improvement….

In 1999, the year that the CVE database officially began, there were 894 vulnerabilities identified. In 2021, there were 20,150. The number of vulnerabilities discovered each year has skyrocketed in the last few years, making vulnerability management an increasingly daunting task. With no way to remediate every vulnerability in their systems, security teams are focused…

A vulnerability is a flaw or weakness in a system that, if exploited, would allow a user to gain unauthorized access to conduct an attack. One of the most common types of vulnerabilities is bugs, or vulnerabilities that exist within software such as operating systems or applications. When one of these bugs is discovered after…

A vulnerability assessment is a comprehensive review of your information system, designed to identify weaknesses causing risk for your organization. Vulnerability assessments are essential in order to proactively prevent attacks and stay in compliance with regulatory requirements. The end result of a vulnerability assessment is a report that you can use as a roadmap for…

According to F5’s The State of the State of Application Exploits in Security Incidents report, web application attacks were the leading incident pattern among data breaches for six of the last eight years. Meanwhile, the number of new vulnerabilities discovered each year continues to rise, making it difficult for security teams to effectively keep up,…

In 2021, there were more than 20,000 common vulnerabilities and exposures (CVEs) added to the MITRE database. This number of annually reported vulnerabilities has been gradually climbing since the database’s creation in 1999, with a significant increase in volume over the last five years. As a result, it’s now become impossible for security teams to…