Written By Michael Bunyard And Presented By Ziften CEO Charles Leaver
The consensus in the Cisco 2015 Midyear Security Report is that “the bad guys are innovating faster than the security community.” This is not a unique statement and can be found in many cyber security reports, because they are reactive studies of previous cyber attacks.
If all you do is focus on negative results and losses, then any report is going to look negative. The fact is that the vendors publishing these reports have a lot to gain from companies that want to buy more cyber security products.
If you look carefully within these reports you will find excellent pieces of guidance that could significantly improve the security plans of your organization. So why do these reports not begin with this information? Well, it’s all about selling services, isn’t it?
One anecdote stood out after reading the Cisco report, and it is one that enterprise security teams could easily address. The report detailed the increasing vulnerabilities and exploits of Adobe Flash, which are frequently being incorporated into exploit kits such as Angler and Nuclear. Adobe updates the Flash Player often, but a number of users are slow to apply the updates that would give them the protection they need. This means that hackers are taking advantage of the gap between a vulnerability being found and the patch being applied.
Vulnerability Management Is Not Resolving The Issue
You would be forgiven for thinking that, because there is a whole range of solutions on the market that scan endpoints for known vulnerabilities, it would be easy to make sure that endpoints are updated with the latest patches. All that is required is to run a scan, identify the endpoints that need updating, run the updates, and the job is done, right? The problem is that scans are only run from time to time, patches fail, users will accidentally introduce vulnerable apps, and the company is then wide open until the next scan. Additionally, scans report on applications that are installed but not used, which produces large numbers of vulnerabilities and makes it hard for an analyst to prioritize and manage them.
What Is So Easy To Address Then?
The scans have to be run continuously and all endpoints monitored, so that as soon as a system is not compliant you know about it and can respond immediately. Continuous visibility that provides real-time alerting and extensive reporting is the new requirement as endpoint security is redefined and people realize that the era of prevention-first is over. Leveraging the National Vulnerability Database (NVD), each running application that has a known vulnerability can quickly be identified, security staff alerted, and the patch applied. Additionally, solutions can look for suspicious activity from vulnerable applications, like sudden application crashes, which are a possible sign of an exploit attempt. Finally, they can also detect when a user’s system has not been restarted since the last security patch was available.
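The three checks described above can be sketched as follows. This is an added example, not code from the original post or from any product: the feed format, field names, host name and advisory ids are constructed placeholders, and "reboot pending" is assumed to mean that the last patch was installed after the last boot.

```python
from datetime import datetime

# Constructed feed: app -> [(placeholder advisory id, first fixed version)].
# A real deployment would build this from NVD data; these ids are not real CVEs.
VULN_FEED = {
    "flashplayer": [("CVE-EXAMPLE-0001", (18, 0, 0, 194))],
    "pdfreader": [("CVE-EXAMPLE-0002", (11, 0, 12))],
}

# Constructed telemetry for one endpoint, as a monitoring agent might report it.
ENDPOINT = {
    "host": "ws-042",
    "last_boot": datetime(2015, 7, 1, 8, 0),
    "last_patch": datetime(2015, 7, 9, 3, 0),
    "installed": {"flashplayer": (18, 0, 0, 160), "pdfreader": (11, 0, 10),
                  "browser": (43, 0)},
    "running": {"flashplayer", "browser"},
    "crashed": {"flashplayer", "browser"},
}

RANK = {"high": 0, "medium": 1, "low": 2}

def assess(ep, feed):
    """Return (priority, subject, advisory id, reason) tuples, most urgent first."""
    findings = []
    for app, version in ep["installed"].items():
        for vuln_id, fixed in feed.get(app, []):
            if version >= fixed:
                continue  # already at or past the fixed version
            running = app in ep["running"]
            # Running software is exposed now; installed-but-idle is backlog.
            findings.append(("medium" if running else "low", app, vuln_id,
                             "running" if running else "installed, not running"))
            if app in ep["crashed"]:
                # A crash in a known-vulnerable app may indicate an exploit attempt.
                findings.append(("high", app, vuln_id, "crashed while vulnerable"))
    if ep["last_patch"] > ep["last_boot"]:
        findings.append(("medium", ep["host"], None, "reboot pending since last patch"))
    return sorted(findings, key=lambda f: RANK[f[0]])

if __name__ == "__main__":
    for finding in assess(ENDPOINT, VULN_FEED):
        print(*finding, sep=" | ")
```

The browser crash produces no finding because the feed lists no vulnerability for it, while the unused PDF reader is still reported at low priority so that an analyst's queue is led by what is actually running.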
There Definitely Is Hope
The good news about real-time endpoint visibility is that it works on any vulnerable application (not only Adobe Flash), because hackers will move from app to app to evolve their methods. There are simple solutions to big problems. Security teams just have to be made aware that there is a better way of managing and securing their endpoints. It simply takes the right endpoint detection and response solution.