Do you think you have an optimal Vulnerability Management (VM) Program set up or perhaps, you are not so sure? Well, we have the test for you. Here are Five Indicators you need to be able to check off before you can say your VM Program is “Smart”:
Smartness Indicator #1 – Automation
Let’s start with the most obvious Smart indicator – automating vulnerability alerts. But let’s up the game – Do you have tuned automated alerts across the entire IT stack including web applications, network and devices and API’s? You are not trying to manually compile those alerts for a composite view of the truth, are you? – that would not be smart.
Smartness Indicator #2 – Accuracy
Of course, you have accuracy – that’s nothing to do with Smartness one might say – that’s Vulnerability Management 101. But actually, the advance of automated alerts has created an exponential growth in noise – false positives – and a sizable part of the security team’s workday is manually removing these false positives. This is far from strategic VM – this is far from Smart. If one adopts a hybrid model where integrated security experts ensure virtual false positive-free alerts – then you can check this one off of your list.
Smartness Indicator #3 – Contextualized Intelligence
Alerts on their own are dumb. Each real discovered vulnerability across each layer of the attack surface represents a potential business problem. The actual significance of each impacted business problem is itself highly dependent on the nature of the business and the particular business processes. At the end of the day, one needs a singular view of what vulnerabilities matter the most to your business. And you need that continuously. Reacting to what matters – what has impact – is Smart. Automated, accurate and ranked vulnerabilities on one dashboard is Super Smart. Can you check this one off of your list?
Smartness Indicator #4 – Continuous Attack Surface Management
The attack surface evolves. A productive web application with public internet-facing exposure may have had its day in your marketplace. A seemingly innocent decision to mothball that service but keep it alive just in case it is needed for special cases, has now become a playground for a hacker looking for access. For the global enterprise, every day there is a myriad of evolving attack surface exposures that need to be continuously and accurately monitored. Does your current Attack Surface Management Program guarantee that? Only 100% “Yes” answers can check this one off of your list. Flying blind is not Smart.
Smartness Indicator #5 – Operational Smartness Enablement
So, if you have checked all four on the list above – on the one side, you have accurate, business-ranked vulnerability intelligence alerts across your entire attack surface, but on the other side of the house – you have an Operational Support Team. They have their own day job. They are not in possession of this intelligence nor do they have security expertise to know how to specifically remediate the issue. Remember we are not in a spot-the-vulnerability competition. The end game here is to actually resolve the issues that matter the most. The end game is to make your Enterprise resilient. You can check this box if you have integrated ranked alerts with specific remediation guidance into the daily workflow of your Operational Support Teams. If your Ops Team rolls their eyes at your “Yes”, then you do not have it.
Is This Checklist Realistic in 2022?
Have we set the bar too high with this Five Box Smart VM check list? Is this even available today? Well in fact, these are all core features of the Edgescan Smart VM Platform and its clients are enjoying its benefits today. Edgescan clients can easily say they are Smart. Do we need to talk?
Like to learn more Why Smart VM Matters, click Read Whitepaper