Page 18 - Cyber Warnings August 2017

Finding the Needle in the Stack of Needles

               The vulnerability management adage “finding the needle in a stack of needles” describes the
               problem TCVM aims to solve. Here’s how it does it:

                   •  Discover: Gather data on the vulnerabilities within an organization’s systems and
                       incorporate them into a comprehensive model of the network and its assets

                   •  Add threat intelligence: Through feeds and security analyst research, know which
                       vulnerabilities are actively being exploited in the wild, are packaged in publicly
                       available attack tools or have published PoC exploit code available.

                   •  Prioritize: Using the model and threat intelligence, simulate how attacks could play out
                       in a unique network, considering existing security controls or weaknesses, and analyze
                       the results


                   •  Remediate: Apply available patches or other compensating controls (e.g., IPS
                       signatures, access rules, configuration changes) to prevent exploitation; the urgency of
                       remediation is aligned with the threat posed by (e.g., responding within a day or less is
                       crucial in new campaigns)

                   •  Track and monitor: Track remediation to ensure threats are neutralized and monitor
                       remaining vulnerabilities for changes in exploitability or exposure

               The TCVM approach takes vulnerability management beyond the standards of yesterday
               and puts it in the reality of today’s networks, security and threats.
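The prioritize and track steps above can be sketched as follows. This is an added example, not code from the article or from any Skybox product. The tier names, the ranking of the three intelligence categories, every deadline other than the one-day response for new campaigns, and the VULN-x identifiers and host names are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum

class Threat(IntEnum):      # ranking order is this example's assumption
    NONE = 0
    POC_PUBLISHED = 1       # published PoC exploit code
    IN_ATTACK_TOOL = 2      # packaged in a publicly available attack tool
    EXPLOITED_IN_WILD = 3   # actively exploited in the wild

@dataclass(frozen=True)
class Finding:              # one row of the "Discover" model
    asset: str
    vuln_id: str
    reachable: bool         # simulation result: an attack path to the asset exists
    mitigated: bool         # compensating control (IPS signature, access rule) in place

def threat_level(vuln_id, intel):
    return max(intel.get(vuln_id, ()), default=Threat.NONE)

def triage(finding, intel, new_campaigns=frozenset()):
    """Return (deadline_days, tier) for one finding; day counts are assumed SLAs."""
    level = threat_level(finding.vuln_id, intel)
    exposed = finding.reachable and not finding.mitigated
    if level is Threat.NONE:
        return 90, "scheduled"          # no known threat activity
    if not exposed:
        return 30, "monitor"            # threat exists, exposure currently blocked
    if finding.vuln_id in new_campaigns or level is Threat.EXPLOITED_IN_WILD:
        return 1, "imminent"            # article: a day or less for new campaigns
    return 7, "elevated"

def prioritize(findings, intel, new_campaigns=frozenset()):
    """Order findings by deadline, then threat level (highest first), then asset."""
    rows = [(f, *triage(f, intel, new_campaigns)) for f in findings]
    return sorted(rows, key=lambda r: (r[1], -threat_level(r[0].vuln_id, intel), r[0].asset))

# Constructed sample data: placeholder IDs, not real CVEs or hosts.
FINDINGS = [
    Finding("web-01", "VULN-A", reachable=True, mitigated=False),
    Finding("db-01", "VULN-A", reachable=False, mitigated=False),
    Finding("hr-app", "VULN-B", reachable=True, mitigated=False),
    Finding("mail-01", "VULN-C", reachable=True, mitigated=True),
    Finding("dev-07", "VULN-D", reachable=True, mitigated=False),
]
INTEL = {
    "VULN-A": {Threat.EXPLOITED_IN_WILD, Threat.POC_PUBLISHED},
    "VULN-B": {Threat.POC_PUBLISHED},
    "VULN-C": {Threat.IN_ATTACK_TOOL},
}
```

Re-running `prioritize` whenever the intelligence feed or the network model changes covers the track-and-monitor step: the same finding moves between tiers as its exploitability or exposure changes.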

               About The Author

                                                       Marina Kidron is the Leader of the Skybox Research Lab at
                                                       Skybox Security, a dedicated team of security analysts who
                                                       daily scour data from more than 30 public and private
                                                       security feeds and investigate more than 700,000 sites on
                                                       the open and deep web. Kidron has more than 10 years of
                                                       experience in business and statistical data analysis, data
                                                       modeling and algorithm development, working for
                                                       companies in the fields of IT, mobile technology, internet and
                                                       financial services. Kidron holds a Master’s in Political
                                                       Marketing and a Bachelor of Computer Science and
                                                       Mathematics. Marina can be reached online at
                                                       [email protected] or @MarinaKidron on
                                                       Twitter and at our company website
                                                       https://www.skyboxsecurity.com/






                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.