Identification of resources prone to risk

The identification and prompt elimination of known vulnerabilities is increasingly problematic, as the complexity and proliferation speed of attacks are skyrocketing. To be able to act effectively, a clear understanding of the current threat situation of your own IT is a vital precondition.

Sadly, the answers of IT security officers or of the IT management on the subject of vulnerability management are often fuzzy, like "We had our last audit 18 months ago, and we've eliminated the vulnerabilities we found back then, but we don't know anything about the current status" or "We patch our key systems every six months, but we do not have an overview of the current vulnerabilities on the systems."

Ask yourself the following questions

• Do we know each and every system that exists in our networks?
• Do we know all applications running on the systems in our networks?
• What vulnerabilities exist on the systems (operating systems and applications)?
• How high are the dangers from unknown systems, applications, and vulnerabilities?
• Accordingly, what is our current security level?
• Does the security level match the corporate standards?
• How has the security level changed over the past months?
• Which tools do we use to identify systems and weaknesses?
• How to we rate identified vulnerabilities?
• How can we forward the information about identified vulnerabilities to the administrators in order to eliminate these?
• How can we regularly check whether the identified vulnerabilities have actually been eliminated?

It is an established fact that the greatest danger arises from apathy to existing vulnerabilities that have already been identified. Today it is easier than ever to remedy these efficiently, e.g. with a vulnerability management system. Often, the methods that many companies use to find and eliminate vulnerabilities in IT systems are of a makeshift, poorly efficient nature. This ought to be different, as the market offers instruments that ensure the detection vulnerabilities in diverse systems and applications in a quick, precise, and priority-controlled manner and that enable the mapping of the entire patch management process including responsibilities.