On Demand Vulnerability Assessment & Management

Each month, around 40 new vulnerabilities* in software and hardware devices appear. This situation is the favorable environment for the generation of new types of cracker attacks and for the access of virus and worms to your company.

In the past few years, Internet's widespread use has favored the improvement and automation of increasingly harmful attacks to networks and devices by providing easier-to-use tools. What used to be simple, unsophisticated attacks – such as exploiting failures in operating system configurations or obtaining password files – continued to evolve as time went by. Nowadays, we are faced with ever more sophisticated attacks, performed by more specialized and experienced attackers.

This complex reality cannot be addressed from a reductionist point of view – without considering the context – or from an approach distorted by marketing.

Today, most companies "defend" their networks by means of antivirus software, firewalls, IDS (Intrusion Detection Systems) and IPS (Intrusion Protection Systems). Unfortunately, these tools are necessary, but they are not enough. Moreover, they make users feel a false sensation of security.

• Antivirus software does not detect attacks, and it does not solve vulnerabilities.
• Firewalls – in a way – make the issue worse by trying to calm buyers down with the story that everything will be solved by buying one product. Besides, they are the entry point for attackers.
• 97% of firewalls only work as incoming/outgoing traffic validators. Only 3% of firewalls have attack pattern recognition capabilities.
• 50% of installed firewalls does not receive firmware updates.
• The number of false positives generated by firewalls and IDS, questions the performance of automatic responses (IPS).
• Firewalls and IDS do not know the infrastructure of servers (or their mutations).
• IDS and IPS are reactive – they do not report vulnerabilities.

Traditional Vulnerability Assessments* which allow to identify devices and networks vulnerabilities, do not report intrusions or work reactively – reasons why they are generally regarded as audit reports.

Due to this complexity, evolution generated a paradigm change for companies to be able to face up to their security failures.

Managed Vulnerability Assessment allows now to integrate all the participants through internal/external remediation, documentation and reporting workflows, giving users the possibility of interacting with their companies' security state, in a continuous and cooperative process.
They are not expensive, which allows to repeat them frequently, reinforcing the concept of "security = process", and they help carry out the complex processes to "be in compliance".

The higher our focus on proactive processes and tools – such as vulnerability assessment – the lower the investment cost will be.

"Enterprises that implement a vulnerability management process will experience 90 percent fewer successful attacks than those that make an equal investment only in intrusion detection systems". Gartner.

Glossary(*)

¿What are vulnerabilities?

They are issues or errors that can be used maliciously to make a system operate improperly. Vulnerability is the quality or state of being vulnerable.

¿What isVulnerability Assessment?

It is a process for the identification of networks and devices vulnerabilities, performed before intruders can exploit such security failures. The result is the same – it must prove whether the network security complies with established policies.