Vulnerability Management in 2017: Knowing Is Still Only Half the Battle

BY

An accelerating vulnerability landscape

As organizations work to accelerate their digital transformations and infrastructure becomes increasingly more dynamic, security vulnerabilities continue to be a major concern. Taking into account the sheer number of known vulnerabilities, it is becoming increasingly difficult to effectively manage the problem. Also, as organizations move more and more applications to public cloud and increase use of containers, they are faced with managing the impact of these technologies on their security and compliance posture. For most organizations, the biggest challenge is determining where to focus their finite number of security and operations resources against a constantly changing set of security vulnerabilities which are being targeted by increasingly sophisticated attacks.

Prioritization is key

In order to better prioritize security vulnerabilities, contextual information from the security team and operations team is critical. This includes key security information like the severity of the vulnerability and the origin of the risk. It also includes understanding the nature of assets and data that might be exposed as a result of the vulnerability being exploited. Another important data point is whether a patch is available and when it can actually be deployed. This combination of security and operational context is required in order to effectively automate the remediation.

Accelerating remediation through actionable intelligence

Security teams focus on finding and tracking vulnerabilities, and while operations teams are tasked with fixing those vulnerabilities, their focus is on maintaining appropriate levels of performance and availability. This presents conflict for the operations team, as fixing the vulnerabilities often impacts availability of the impacted systems. Security and operations teams require a way to significantly reduce the risk to their organization, while meeting each team’s respective goals.

What’s needed is to combine the results of vulnerability scanners with the operational and business context of IT automation tools in order to create a standard and repeatable process for vulnerability management. The ideal end state is to ensure that organizations are focusing on the highest risk vulnerabilities as they work to find and remediate the full spectrum of security risks. This requires a closed-loop process that enables security and operations teams to accelerate remediation through automation, create a feedback loop to track progress over time, and drive continuous improvement.

The challenges described here are not insurmountable. In fact, with the right tools and processes, security vulnerabilities can be detected, prioritized and remediated in a way that minimizes business impact, reduces the attack surface, and maximizes security.

Related posts:

See SecOps Response Service in Action: Watch a Demo


SecOps Response Service helps security and IT operations teams prioritize and remediate risks based on potential impact to the business.

Watch a demo ›

These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

Share This Post


David Cramer

David Cramer

David Cramer joined BMC in 2015 and serves as Vice President of Product Management for the Cloud/DCA business unit. Prior to BMC, David was head of product management for CA Technologies. During his tenure at CA, David was responsible for application delivery, cloud management, virtualization and Infrastructure automation solutions. Before joining CA, David held executive positions at AlterPoint, Motive, NetSolve, and Nortel Networks. David’s focus is on Continuous Delivery, Cloud Management and web scale IT. David received his MBA from Southern Methodist University and a BS in Finance from Georgia State University.