Monday, December 16, 2024
info@businesstelegraph.co.uk
Business Telegraph
security

Benefits of risk-based vulnerability management over legacy VM – TechTarget

June 12, 2023
posted on


arthead – stock.adobe.com


Ravi Das

By

Vulnerability management has always been a go-to security strategy to help teams identify, assess and remediate security issues. Legacy VM tools are often reactive, however, and can cause teams to suffer from alert fatigue, among other challenges. Because today’s organizations don’t face only legacy attacks, a new approach is needed. That’s where risk-based vulnerability management comes in, offering organizations a proactive, real-time approach to the process.

Benefits of risk-based vulnerability management

RBVM is advisable to assess risk over legacy VM products because it offers the following six major benefits:

  1. Improved threat intelligence. RBVM tools ingest real-time data through AI and machine learning capabilities to discover new weaknesses or gaps in assets more quickly. Security teams can then remediate vulnerabilities more quickly. Many RBVM tools also offer automation features that fix vulnerabilities when detected.
  2. More risk metrics and scores. RBVM offers various risk metrics to help security teams assess how exposed an asset is to cyberthreats. RBVM metrics include the following:
  • Asset criticality highlights which assets are mission-critical to a business.
  • Severity of risk represents an asset’s level of risk. Tools often use categories between 1 and 10. For example, an asset with a severity risk score from 2 to 4 would represent a lower-level risk, 5 intermediate and 6 to 10 higher levels of risk.
  • Probability of attack is the odds an asset could be affected by a malicious payload.
Readers Also Like:  ChatGPT’s growing Chinese user base puts AI chatbot to the test - South China Morning Post
  • Higher accuracy. RBVM tools provide organizations with more accurate threat intelligence than legacy VM tools. Security teams can use this real-time threat intelligence data to quickly identify and remediate asset vulnerabilities.
  • More holistic picture. Security teams get a broader picture of their attack surface and the threat environment it faces with RBVM. This enables them to take a proactive approach to vulnerability management, which results in quicker deployment of controls to protect assets.
  • Real-time protection. Legacy-based approaches often offer snapshot views of asset risk levels, and only for a specific time period. Legacy VM tools might not accurately reflect the risk changes — for example, an asset that previously had a risk value of 1 that recently changed to a value of 6. RBVM fixes this by providing real-time risk scoring, enabling security teams to act more quickly.
  • Automation. AI and machine learning help RBVM assess the levels of risk a company’s assets face. This results in automating mundane tasks, so the security team can focus on higher-priority issues, among other benefits.

    • RBVM factors to consider

    Many risk assessment products are available in the marketplace. It can be difficult for businesses to decide which is best for their specific needs.

    When evaluating RBVM products, remember that the product needs to address endpoints. An organization’s endpoints are where the lines of network communication originate and terminate. Endpoint security remains overlooked, and as a result, endpoints are popular targets for cyber attackers. Any RBVM tool should calculate the level of risk endpoints face.

    Also assess the product’s integration features. RBVM should be able to integrate with other security tools and processes, including network security tools, and collect data from other tools to accurately compute risk metrics.

    Readers Also Like:  The Nakba: 75 years after losing their Home, the Palestinians are ... - Informed Comment

    While legacy VM products were once a tried-and-true technology, they cannot keep up with the rapidly increasing sophistication and covertness of today’s cyberthreats. They provide a benchmark at a certain point in time, but modern organizations need RBVM, which can keep up with the cyber landscape on a real-time basis.

    This was last published in June 2023

    Dig Deeper on Threats and vulnerabilities






    READ SOURCE

    Related posts:

    1. NYC pol: MSG uninvited me after I called Dolan's facial recognition 'dystopian' – New York Post
    2. MAXAR TECHNOLOGIES INC. : Submission of Matters to a Vote of Security Holders, Other Events, Financial Statements and Exhibits (form 8-K) – Marketscreener.com
    3. Email Attacks are Evading Security Protections. Here's How Security … – TechDecisions

    You Might Also Like

    Recommended For You

    This website uses cookies. By continuing to use this site, you accept our use of cookies.