Vulnerability management programs need an upgrade for the cloud era

Gone are the days of simple, easily secured corporate networks. The proliferation of cloud computing, virtualization and containers means that the network is changing constantly, said Nate Palanov, solutions marketing manager, vulnerability management, at Rapid7.

More employees work remotely on smartphones and laptops, thus changing the definition of endpoint, he said. These employees also have access to sensitive customer data via cloud productivity apps like Salesforce, he added.

Attackers were previously focused on hitting servers, so security teams invested heavily in preventive measures like firewalls, intrusion detection systems and intrusion prevention systems, he said. But attackers have now adapted to focus on users, he said. As a result, security professionals should not grow complacent about their security strategy, especially when it comes to their vulnerability management programs.

“We really have to modernize what our concept of vulnerability management is for this modern infrastructure and modern information security program,” he said during the recent Cloud Security e-Summit hosted by MISTI.

Palanov suggested three key principles that modern vulnerability management programs should adopt:

  • Complete ecosystem visibility, or the ability to view an organization’s entire infrastructure across clouds, containers and applications in the network.
  • Remediation workflow automation that automates, as much as possible, prioritization and the actual fixing of vulnerabilities.
  • SecOps agility to break down the barriers between different teams, allowing them to work closely with IT and infrastructure teams to offset vulnerabilities in the network.

When establishing complete ecosystem visibility, it is important to understand the changing attack surface stemming from the cloud and related technology, he said.

For remediation workflow automation, it is essential for vulnerability management programs to prioritize weaknesses the way attackers do, to understand which vulnerabilities an attacker would go after first, he said.

“From that, automate manual processes like patching and ticketing as much as possible … so security teams can focus less on manual fixing and more on thinking strategically and understanding the bigger threats out there,” Palanov said.

It’s also important that vulnerability management programs include steps that track and measure the effectiveness of remediation efforts so that teams can get ahead of potential issues before they happen. Evaluating where they are falling behind, where they are doing well and how to realign limited resources are all crucial steps in the process, he said.

For SecOps agility, it is crucial for the security team to work directly with the IT infrastructure and development teams to integrate security processes earlier in the software development lifecycle. Being able to look at network vulnerabilities, application vulnerabilities and user vulnerabilities together will help security teams work with the other departments and holistically understand the actual risks in their environment and how to address them, he said.

“It is important to position security as something that enables innovation and growth, not something as an after-thought that’s going to slow things down and hinder things.”

1 comment

I agree cloud security is one of the important issues these days which needs to be taken into account. As a solution, individuals associated with the cloud domain should equip themselves with cloud security knowledge and skills, and to do so one option is training. Cloud security professional - CCSP is a well-known certification offered by ISC2, which is handy to gain requisite security skills.

I heard of cloud security knowledge as well; it covers content from the Cloud Security Alliance and the European Network and Information Security Agency (ENISA).