2. 1 What is Vulnerability Management (VM)?
2 Why is VM important?
3 Examples of vulnerability exploits
4 What's the difference?
3. Vulnerability / Assess / Manage
• Vulnerability: a weakness of an asset or group of assets that can be exploited by one or more threats.
• Assessment: process of identifying vulnerabilities in computers and networks as well as weaknesses in policies and practices.
• Management: “process of attempting to identify and mitigate security vulnerabilities within an IT environment on a continuous basis” – Deloitte & Touche
5. Why is vulnerability management important?
1990’s – Hackers would try a single exploit on host after host until they found a vulnerable target to break into.
[Diagram: H@ck3r fires the same Exploit at Host #1, Host #2 and Host #3]
6. Why is vulnerability management important?
2008 – Hackers target and attack carefully identified companies with an onslaught of attacks until successful.
[Diagram: Targeted Attacks #1 through #6 aimed at selected companies]
7. Why is vulnerability management important?
Vulnerability Exploits Cripple Companies:
• Asset Control (Botnet)
• Sensitive Company Information
• Legal Compliance
• Customer Information
• Reputation
• Financial
• Legalities
8. Master Lock – The most trusted consumer padlock.
Vulnerability #1: Combination Code Deduction
EXPLOIT: Deducing the code by removing the uneven numbers the lock stops at while under tension will reveal the code.
Vulnerability #2: Shackle Spacing
EXPLOIT: A shim made from a soda can opens the lock.
9. Purpose of Vulnerability Management:
Examine the technologies in place and identify vulnerabilities. Put a system in place to continuously compare the vulnerabilities to a policy, and systematically mitigate these vulnerabilities to lower a company’s exposure to risk.
11. Cost of not managing vulnerabilities
Estimates put the average data breach cost to the company at $4.8 million.
• Average cost of $182 per lost customer record
• Average of 26,300 lost records per breach
12. Five Mistakes of Vulnerability Management
• Scanning but failing to act.
• Treating patching as the same as VM.
• Thinking VM is only a technical problem.
• Assessing without the whole picture.
• Being unprepared for Zero-Day exploits.
13. Is Nessus and/or Patching enough?
Tools of the Vulnerability Management Life-Cycle
[Diagram: life-cycle stages Discover, Scan, Assess, Group, Prioritize, Remediate, Verify, Report]
• Nessus Security Scanner (Assess)
• Microsoft WSUS / Patching, MBSA (Remediate)
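The life-cycle on this slide is the part that scanning and patching tools do not give you on their own: the grouping, prioritizing, verifying and reporting between a scan and the next scan. The following Python tracker is an added example, not code from the original slides or from Nessus, WSUS or MBSA. It runs one turn of the cycle over constructed scanner findings, applies a constructed per-severity deadline policy (the day counts, host names and check identifiers are assumptions for the example), counts a fix as closed only when a rescan no longer reports it, and reports findings left open past policy, which is the first of the "five mistakes" above.

```python
"""Minimal vulnerability-management life-cycle tracker (added example; not
code from the original slides or from any scanner/patching product).
One turn of the cycle: Scan -> Assess -> Group -> Prioritize -> Remediate ->
Verify -> Report, over constructed findings."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List, Optional, Tuple

# Constructed policy: maximum days a finding may stay open, by severity.
# These numbers are assumptions for the example, not from the slides.
POLICY_SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}


@dataclass
class Finding:
    host: str
    check_id: str            # scanner check identifier (constructed values)
    severity: str            # critical / high / medium / low
    first_seen: date
    exposed: bool = False    # asset reachable from the internet
    fixed_on: Optional[date] = None
    verified: bool = False   # set only after a rescan no longer reports it


def severity_score(f: Finding) -> int:
    """Assess: rank by severity, bumping internet-exposed assets up one step."""
    return SEVERITY_RANK[f.severity] + (1 if f.exposed else 0)


def group_by_check(findings: List[Finding]) -> Dict[str, List[Finding]]:
    """Group: one remediation task per check, however many hosts share it."""
    groups: Dict[str, List[Finding]] = {}
    for f in findings:
        groups.setdefault(f.check_id, []).append(f)
    return groups


def prioritize(findings: List[Finding]) -> List[Finding]:
    """Prioritize: highest score first, oldest first among equals."""
    return sorted(findings, key=lambda f: (-severity_score(f), f.first_seen))


def verify(findings: List[Finding], rescan: List[Tuple[str, str]]) -> None:
    """Verify: a fix counts only if the rescan no longer reports (host, check).
    A patch that did not take goes back into the queue instead of being
    closed on the strength of the change ticket."""
    still_open = set(rescan)
    for f in findings:
        if f.fixed_on is None:
            continue
        if (f.host, f.check_id) in still_open:
            f.fixed_on = None
        else:
            f.verified = True


def overdue(findings: List[Finding], today: date) -> List[Finding]:
    """Report: findings open longer than policy allows (scanned, not acted on)."""
    return [f for f in findings
            if not f.verified
            and (today - f.first_seen).days > POLICY_SLA_DAYS[f.severity]]


def run_cycle(today: date = date(2024, 3, 1)) -> dict:
    """One turn of the cycle on constructed scan output; returns the report."""
    def day(n: int) -> date:
        return today - timedelta(days=n)

    # Scan: constructed findings as a scanner might report them.
    findings = [
        Finding("web01", "CHK-1001", "critical", day(10), exposed=True),
        Finding("db01",  "CHK-1001", "high",     day(5)),
        Finding("ws07",  "CHK-2002", "low",      day(200)),
        Finding("web01", "CHK-3003", "medium",   day(3)),
    ]
    queue = prioritize(findings)
    groups = group_by_check(findings)
    # Remediate: the top task's check (CHK-1001) is patched on every host today.
    for f in groups[queue[0].check_id]:
        f.fixed_on = today
    # Verify: constructed rescan still reports CHK-1001 on db01 (patch failed).
    rescan = [("db01", "CHK-1001"), ("ws07", "CHK-2002"), ("web01", "CHK-3003")]
    verify(findings, rescan)
    return {
        "priority_order": [(f.host, f.check_id) for f in queue],
        "open": sum(1 for f in findings if not f.verified),
        "verified": sum(1 for f in findings if f.verified),
        "overdue": [(f.host, f.check_id) for f in overdue(findings, today)],
    }


if __name__ == "__main__":
    print(run_cycle())
```

Two design points carry the slide's argument: a finding is never closed on the strength of a patch job alone, only on a rescan that no longer reports it, and the report is driven by the policy deadline rather than by scanner output, so a low-severity finding that has sat for 200 days is surfaced while a five-day-old high finding is not.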
14. Vulnerability Management Critical
• The growing number of vulnerabilities, coupled with the dynamic attack methods and exploits in today's security landscape, places enterprise businesses at great risk.
• Implementing a vulnerability management process will help identify and remediate vulnerabilities before exploits are used.
• Scanning and patching alone will not provide the system needed to comprehensively lower a company’s security exposure and risk.