Vulnerability management is a strategic component of any advanced threat defense strategy, providing benefits at multiple layers of a defense-in-depth security architecture.

In the information security space, a vulnerability is a weakness that allows an attacker to reduce a system’s information assurance. It is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker can use various tools or techniques to connect to a system weakness; this is also known as the attack surface. A threat is a communicated intent to inflict harm or loss on the information system, and it is considered an act of coercion.

Most recent attacks exploit known vulnerabilities for which a patch or mitigating control was available. This makes vulnerability management a strategic component of any advanced threat defense strategy, providing benefits at multiple layers of a defense-in-depth security architecture.

Attacks launched at the beginning of this year against organizations in North America involved a zero-day privilege escalation vulnerability affecting Windows. Researchers found that the attackers first compromised the targeted system and achieved remote code execution via malicious documents attached to spear-phishing emails, and then used the CVE-2016-0167 exploit to run code with system privileges.

The Verizon Data Breach Q1 2016 Report shows that the threat actors exploited an easily identified vulnerability in the payment application, leading to the compromise of customer PII and payment information. Hackers are consistently looking for vulnerabilities that they can exploit to gain access to corporate networks and systems, financial data and more.
Organizations acquire capital funds and invest thousands of dollars to purchase the latest and greatest threat and vulnerability mitigation strategy; unfortunately, a strategic plan to move forward and maintain the new technology is often overlooked. The result is that new technology provides a false sense of security: operating budgets do not take into account the time needed to support, maintain and operate it, so it becomes ineffective and leaves the platform with open holes. Threat actors have the upper hand when technology is not maintained, and they develop ways to circumvent how it works and to exploit its weaknesses. Cloud, mobile and IoT require an innovative and different approach to assessing vulnerabilities than traditional Windows and Linux servers and workstations required.

Today, most IT managers are trying to answer the question: “We have found 500 vulnerabilities and can fix 300 of them quickly. So how do we prioritize which one to fix first, and which next?” Threat and vulnerability management is a tedious and time-consuming manual process in most enterprises, and it requires business context in order to implement the remediation plan. Enterprises need to design a solution that supports vulnerability life cycle management with automated workflow, reporting and collaboration capabilities. At the same time, coordination and planning with business owners is necessary in order to minimize the impact on service availability and downtime. Security engineering teams at times spend a lot of time planning, deploying and testing vulnerability patches in a non-production environment before applying them to the production environment, because businesses don’t want any service interruption that would impact revenue.

Threat and vulnerability management is a process of identifying, analyzing, modeling and simulating the potential impact and risk of security threats and weaknesses, and thereby planning to remediate them.
The program could cover:

- Asset inventory management
- Vulnerability scanning
- Vulnerability assessment and analysis
- Vulnerability remediation and mitigation planning
- Risk and threat modeling and impact analysis
- Penetration testing

Threat and vulnerability management program managers need to deliver effective vulnerability management for traditional and emerging technologies in growing, perimeter-less IT environments including mobility, cloud and IoT. To ensure a successful vulnerability management program, security leaders need to verify the effectiveness of their threat and vulnerability management efforts and align these with business context and objectives. Assessing the impact of potential threats to evaluate their risk will become a primary tool in managing the large volume of vulnerabilities that enterprises need to detect and remediate on an ongoing basis in order to prevent cyber adversaries and data breaches.