The attacks have been thick and steady, and the relentless hackers appear hell bent on taking control of as many vulnerable systems as possible. This article will focus on providing some basic guidelines that will serve to assist you in conducting your own vulnerability management and performing scans against your own systems and networks, in the hope that you will identify and remedy any serious vulnerabilities and bugs in advance of the unyielding hackers, ultimately resulting in computer systems that are secure and protected.
Remediation of network vulnerabilities is something to consider, ideally before hackers exploit the weaknesses! Effective remediation entails continuous processes that together have become known as Vulnerability Management. Vulnerability management can assist organisations efficiently find and fix network security vulnerabilities. Systematic use of these processes protects business systems from ever more frequent viruses, worms and other network-borne attacks. The process of vulnerability management goes far beyond the traditional vulnerability scanning efforts, and generally involves a number of well-defined and structured steps, carried out on a continuous basis over time.
The Continuous Processes of Vulnerability Management
- Create security policies & controls
- Track inventory / categorize assets
- Scan systems for vulnerabilities
- Compare vulnerabilities against inventory
- Classify risks
- Pre-test patches
- Apply patches
- Re-scan and confirm fixes
Everything starts with a policy
Policy management is critical. Enterprise policies start at the top of an organisation and require executive oversight. Policies determine the nature of controls used to ensure security, such as standard configurations for all security devices and applications including antivirus, firewall and intrusion prevention. Policies and controls also should include servers, network services, applications and ens-user PCs. In the past, policy management was a manual, cumbersome process. New software tools can automate some aspects of policy management and enforce configurations on endpoint devices. Automation saves time, improves accuracy and lowers total cost of ownership.
It is only possible to secure what you know you have. You need to find vulnerabilities before you can fix them. Creating and maintaining a current database of all IP devices attached to the network is an absolute must. It is also useful to categorise assets by business value to prioritise vulnerability remediation. An accurate inventory ensures that you select and apply the correct patches during the remediation phase. Discovering devices, software and services and tracking this inventory can be done manually. However, it is possible to automate the entire discovery and tracking inventory process with automated scanning software tools.