Become a Vulnerability Management Guru in 10 Days
Vulnerability management has become the cornerstone of cybersecurity programs, and is critical to maintaining a strong security posture. As security issues abound with rapidly changing attack surfaces and advancements in technology, vulnerability experts are now a must-have for infosec teams. They are on the front lines of securing weak spots and guiding security posture strategy for organizations.
Unfortunately, this skill set cannot actually be learned in 10 days. The path to becoming an expert in any area of cybersecurity is rigorous and not for the faint of heart. However, developing a solid knowledge base so you can understand your attack surface and its vulnerabilities is fairly simple. In fact, you might be able to do it in 10 days!
Day 1 – Software Patches
Become familiar with software patches and the most common softwares in your enterprise that require regular patching. Topping the list of these is Microsoft, who provides monthly “Patch Tuesday” reports. Do some research on CVSS scores to get a better idea of the factors affecting vulnerability severity.
Day 2 – Misconfigurations
Learn about common misconfigurations that are exploited by hackers. Attackers regularly probe enterprise environments, looking for systems that can be compromised due to misconfiguration, and then attack them directly or indirectly. A prevalent misconfiguration among enterprises is default accounts or passwords being used on business critical applications. Many enterprises also fail to disable debugging. This can show attackers error messages that reveal propagation methods.
Day 3 – Weak Credentials
Understand “the password problem” and what leading enterprises are doing to combat it. Password strength is the most widely respected measure of cybersecurity, yet the password habits of many enterprise employees are abysmal. Hackers take advantage of this with password spraying attacks, where common passwords are tried on targeted user accounts. This technique is leveraged in 40% of Microsoft account compromises.
Day 4 – Phishing, Web & Ransomware
Know the most common phishing tactics and behaviors that put users at high-risk of being phished. 37.9% of people who don’t undergo cyber awareness training fail phishing tests, so large enterprises are almost sure to have users who get phished. Phishing can either take the form of manipulating a victim to share sensitive information or baiting them into clicking something that executes malicious code.
Day 5 – Trust Relationships
Learn which configurations have the highest likelihood of being exploited in a breach. Company networks are configured to enable collaboration and accessibility for employees. Attackers will exploit trust relationships between systems to move laterally across an organization’s network and create a major breach.
Day 6 – Compromised Credentials
A whopping 80% of breaches are due to compromised credentials. There are various methods attackerscan use to steal credentials that you should be aware of. Intercepting and extracting login info from unencrypted or incorrectly encrypted communications is one such method. Reuse and sharing of passwords by users across different systems also helps attackers to steal credentials.
Day 7 – Malicious Insiders
If an employee went rogue, do you know the level of damage they could do to the business? Become knowledgeable on the different privileges that users in your organization have and the controls in place to prevent exfiltration of sensitive data. It is also important to lay out a disaster recovery plan in the instance that a malicious insider impairs business critical systems.
Day 8 – Missing/Poor Encryption
Identify which systems need to have encrypted communications. Then, try to determine the level of encryption necessary for each. Many attackers will lie in wait after an initial breach and observe unencrypted communications, looking for login information or intel that allow them to impersonate a user or system.
Day 9 – Zero days and Unknown Methods
Zero day attacks are difficult to prepare for because there is no available fix. In these cases, attackers have discovered an exploitable bug that has not yet been reported to the software vendor. Study past zero day attacks and learn different tactics for mitigating the severity of these breaches.
Day 10 – Deploy Real-Time Technology
Balbix continuously analyzes the enterprise attack surface for all 9 types of vulnerabilities. It provides risk items prioritized by vulnerability severity and heatmaps to understand your most vulnerable areas from a business perspective. Request a demo to take a tour of the platform.
*** This is a Security Bloggers Network syndicated blog from Blog – Balbix authored by Nate Bradford. Read the original post at: https://blogs.balbix.com/become-a-vulnerability-management-guru-in-10-days