What’s New and Changing in the World of Vulnerability Management?
According to CIS, “Organizations that do not scan for vulnerabilities and proactively address discovered flaws face a significant likelihood of having their computer systems compromised.” While vulnerability management (VM) isn’t new, I’ve seen it evolve a lot over my 22 years in the industry. Here are some big trends:
Assets are Diversifying. Fast.
The idea of an asset has changed and grown over the years. Back in the ’90s, it was a PC or a server. Then came laptops and mobile devices, and now we have containers, thermostats, watches and more.
These assets may not be running on a full operating system. They may all have different interfaces. So how do you look for vulnerabilities across different assets?
Traditionally, you have three options to look for vulnerabilities: you could install an agent, scan the devices remotely and analyze the traffic responses, or use credentials to log into the device. While these are still valid techniques, they do not always work on IoT devices, so now we also look at API calls and management software queries to determine the state of assets.
Agents Making a Comeback
Where do agents make the most sense, and where is agentless still the better method? In a sense, agents have come back around. Years ago, they required large amounts of disk space and even more memory. Many of us remember AV agents slowing down systems to a crawl.
Now they can sit on a device without eating up as many resources. There are two places they’re especially good:
- Critical servers: You can set up agents on critical servers to do assessments in almost real time, so you find out right away when any changes happen or any new vulnerabilities are introduced.
- Laptops: Since these aren’t guaranteed to be on the network during ...
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Lamar Bailey. Read the original post at: https://www.tripwire.com/state-of-security/vulnerability-management/new-changing-vulnerability-management/