![Page 1: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/1.jpg)
Cost-effective approach to full-cycle
vulnerability management
Sumita Chotani 13th November 2012
Company Confidential
![Page 2: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/2.jpg)
Common Issues across SMB
2
One man army
Security is not a priority
Upper Management wants results
Time is of the essence
User friendly product is imperative
![Page 3: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/3.jpg)
AUTOMATION is the key
3
What can you automate?
Identifying your Network Topology and Asset
Management?
Vulnerability Assessment of the network?
Reporting the findings of the assessment?
Remediation workflow via a ticketing system?
![Page 4: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/4.jpg)
Identifying your network topology
and Asset Management
4
Discover, understand and organize your network
and the people managing the systems
3 Basic Steps:
o Run Scheduled maps*
o Form Asset Groups around the existing
logical structure
o Assign each Asset Group to its respective
owner
Map ~ Network discovery
![Page 5: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/5.jpg)
Identifying your network topology
and Asset Management
5
![Page 6: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/6.jpg)
6
Identifying your network topology
and Asset Management
![Page 7: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/7.jpg)
7
Identifying your network topology
and Asset Management
![Page 8: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/8.jpg)
Identifying your network topology
and Asset Management
8
![Page 9: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/9.jpg)
Vulnerability Assessment of the
network
9
Periodic scanning of all perimeter and internal
systems
E.g.
o Nightly scans of Production Environment
o Weekly scans Critical servers and workstations
o Monthly scans of entire network pre and post Patch
Tuesday
![Page 10: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/10.jpg)
Vulnerability Assessment of the
network
10
![Page 11: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/11.jpg)
11
Reporting the findings of the
assessment
Actionable Report
o Patch Report • One Interactive Report:
- View of a Patch Matrix
- Patch – Host Mapping
- Link to download the Patch
Schedule report generation
![Page 12: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/12.jpg)
12
Reporting the findings of the
assessment
![Page 13: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/13.jpg)
13
Reporting the findings of the
assessment
![Page 14: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/14.jpg)
14
Setting up a Remediation workflow
via a ticketing system
Need for Closed Loop Ticketing System
![Page 15: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/15.jpg)
15
Setting up a Remediation workflow
via a ticketing system
Closing Open Tickets
![Page 16: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/16.jpg)
16
Setting up a Remediation workflow
via a ticketing system
Reopening Closed Tickets
![Page 17: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/17.jpg)
17
Setting up a Remediation workflow
via a ticketing system
![Page 18: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/18.jpg)
18
Setting up a Remediation workflow
via a ticketing system
![Page 19: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/19.jpg)
Check - List
19
Automated Inventory Lookup ✓ Asset Management and Delegation ✓ Automated Scanning ✓ Automated Report Generation ✓ Reports for Patch Management ✓ Automated Remediation Workflow ✓
![Page 20: Cost-effective approach to full-cycle vulnerability management](https://reader031.vdocuments.mx/reader031/viewer/2022022404/546c3aaeb4af9f662c8b5008/html5/thumbnails/20.jpg)
20
Reduce workload for everyone through
automation and prioritisation