Page 27 - Cyber Defense eMagazine Annual RSA Edition for 2024

            effectively prioritize their remediation efforts and remediate the most pressing threats before attackers
            can exploit them.



            Exposure Management Adds a Critical Element: Validation

            The idea that organizations need to know where their vulnerabilities lie is not a new one. In fact, many
            security vendors already offer certain elements of exposure management that have proven extremely
            helpful to modern organizations. They can perform discovery operations, identify potential vulnerabilities
            and security gaps, and many can even provide some form of prioritization and mitigation to help users
            better understand which vulnerabilities are the most dangerous and how they can be addressed. These
            capabilities are a major step forward for modern organizations, many of whom were previously struggling
            with a laundry list of exposures and no way to know which were important and which could be safely
            ignored.

            But those capabilities aren’t enough in today’s threat environment. They omit a key piece of the puzzle:
            validation. Validation is what makes modern exposure management solutions different. While previous
            solutions could prioritize exposures based on opaque metrics, solutions equipped with security validation
            capabilities test each vulnerability against simulated attack activity. Knowing that a vulnerability exists
            isn’t enough—in order to understand the actual risk it poses, organizations must know whether an
            attacker can actually exploit it. Is there a valid attack path that leads to exposed assets? Are there other
            security controls effectively compensating for the vulnerability? This information can significantly impact
            whether or not a given vulnerability is a priority, and the only way to obtain it is through security validation.



            Adding Context to Critical Security Decisions

            Validation is at the core of a successful exposure management program. It’s critical to have an exposure
            management platform that can provide an aggregated view of potential vulnerabilities—one capable of
            engaging in continuous scanning and integrating with other security tools like Cloud Security Posture
            Management (CSPM), endpoint detection and response (EDR), asset management databases, and other
            solutions that have become essential in today’s threat landscape. Further, organizations must break
            down the silos between those solutions to achieve a more holistic view of network security.

            Once that has been achieved, organizations can begin answering the important questions: What areas
            are exposed because they don’t have the right controls? What systems are vulnerable to emergent
            threats? How are they at risk and what attack paths are the most dangerous? Validation provides a critical
            source of truth that can help answer all of these questions. Put simply, validation works in four distinct
            stages:

               •  KNOW: During this stage, organizations engage in discovery, building an inventory of assets and
                   aggregating exposures, vulnerabilities, weaknesses, and security gaps from across other,
                   integrated solutions. By understanding potential control gaps and attack paths, the organization
                   can begin building a risk profile of its attack surface.






