Need for Vulnerability Management.
⦁ The graph from CVE Details shows that each passing year has a higher count of vulnerabilities than the one before.
⦁ The need also comes from the large number of devices accessing your network: many endpoints leave you open to the sophisticated attacks happening today.
⦁ It’s critical to proactively handle network vulnerabilities instead of managing them after an attacker has discovered them for you.
⦁ A vulnerability management program provides structured guidelines to help you evaluate and secure your network. Rather than ignoring vulnerabilities or risking that vulnerabilities are overlooked, this process can help you conduct a thorough search.
Vulnerabilities, Exploits and Threats.
⦁ Vulnerability: A vulnerability can be defined as a “Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.”
⦁ Exploit: An exploit is code that takes advantage of a software vulnerability or security flaw. It is written either by security researchers as a proof-of-concept threat or by malicious actors for use in their operations.
⦁ Threat: A threat refers to a new or newly discovered incident that has the potential to harm a system or your company.
Some Well-Known Exploits:
1) SQL Injection: SQL injection is a code injection technique that might destroy your database. It is one of the most common web hacking techniques. It works by placing malicious code in SQL statements via web page input.
2) Cross Site Scripting: Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in the victim's web browser by including malicious code in a legitimate web page or web application. The actual attack occurs when the victim visits the web page or web application that executes the malicious code. The web page or web application becomes a vehicle to deliver the malicious script to the user’s browser. Vulnerable vehicles that are commonly used for Cross-site Scripting attacks are forums, message boards, and web pages that allow comments.
3) Broken Authentication: Authentication is “broken” when attackers are able to compromise passwords, keys or session tokens, user account information, and other details to assume user identities. Due to poor design and implementation of identity and access controls, the prevalence of broken authentication is widespread.
4) Security Misconfiguration: Security misconfiguration arises when security settings are defined, implemented, and maintained as defaults. Good security requires a secure configuration defined and deployed for the application, web server, database server, and platform. It is equally important to have the software up to date.
5) Cross Site Request Forgery: Cross-Site Request Forgery (CSRF) is an attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated. CSRF attacks exploit the trust a Web application has in an authenticated user.
6) Insufficient Transport Layer Protection: Insufficient Transport Layer Protection is a security weakness caused by applications not taking any measures to protect network traffic. During authentication, applications may use SSL/TLS, but they often fail to make use of it elsewhere in the application, thereby leaving data and session IDs exposed.
7) Obsolete Versions of Operating Systems and Applications: Obsolete! When the next version of an operating system comes out, the previous one is deemed unwanted. This happens in a number of industries, including automobiles, fashion, and entertainment devices.
As a result, outdated software might not be able to withstand an up-to-date cyber-attack. So, if your outdated software includes the use, storage or application of data, that data is put at risk. Your systems will be more vulnerable to ransomware attacks, malware and data breaches.
What DCS Provides in terms of Vulnerability Management:
⦁ Network Assessment
⦁ External & Internal Application & Database assessment
⦁ End user device assessment
⦁ AD assessment
⦁ Cloud assessment
⦁ User ID & Access management assessment
⦁ Security risk report
⦁ Security management plan
⦁ Internal and external vulnerability scan report
⦁ User permission and access behaviour
⦁ Data breach liability report