A History of the Vulnerability Management Lifecycle
The number of known vulnerabilities has exploded in recent years. With enterprises using more software solutions, open-source, cloud, Internet of Things, and more, it’s no wonder the increase in security flaws has skyrocketed.
For vulnerability managers, this can feel like a never-ending chase. So we may ask ourselves, “what’s this story’s origin, and what does the next chapter look like?”
The Early Days of Vulnerability Assessments
In the late 90s and early 2000s, the first vulnerability scanners were released. Relatively speaking, there weren’t a lot of vulnerabilities in those days compared to today. For example, in the year 2000, there were 1,020 disclosed vulnerabilities. In comparison, 2018 saw a staggering 16,555 disclosed vulnerabilities.
The scanning and remediation process in those days was very much a manual process. The scanning software would provide a report of vulnerabilities found, which had to be analyzed for accuracy and validity by someone in the IT department. The report would be sent to IT department heads for review and approval. Then once approved, the System Administrators would remediate vulnerabilities and follow-up with another vulnerability scan to verify the results.
Averaging only about 85 vulnerabilities per month, this manual process was manageable, and there wasn’t a real need to automate vulnerability management. . As the number of vulnerabilities increased in subsequent years, and the importance of vulnerability management became more evident to organizations, manual scanning and remediation plans would soon become impracticable.
The Vulnerability Flood
Fast forward by a decade, and the number of vulnerabilities steadily increased with 4,652 reported in 2010 and 6,447 new vulnerabilities in 2016. However, starting in 2017, an explosion of vulnerabilities began that has continued into 2019.
Trying to get a handle on 16,000+ new vulnerabilities reported in one year is an impossible task for organizations. Determining priorities, technical severity, remediation methods, and testing are all important components to the process that need to be conducted accurately and in a timely manner. This entire process becomes even more challenging when you know it’s going to be an ongoing issue, month after month, year after year. But it’s not just the sheer number of vulnerabilities that are an issue for vulnerability managers.
More vulnerabilities mean more attack vectors. Whether it’s the increase in the number of vendors, multi-platform solutions, open-source applications, or cloud-based services and applications, attackers have more avenues than ever to find and exploit a weak link in an organization’s enterprise. This has resulted in major newsworthy breaches that have significant financial and brand reputation consequences for affected organizations.
The Future is Automated
There’s no doubt that the seemingly never-ending barrage of new vulnerabilities cannot be managed with a manual vulnerability management plan. Manually reviewing and prioritizing known vulnerabilities is unrealistic and just too time-consuming.
According to Heather Hixon, Senior Solutions Architect at DFLabs, automation has proven extremely valuable. After implementing automation in her SOC, she noted that “automation helped produce measurable improvements across key customer service metrics, including time to detection and remediation, vulnerability management progress, and network disruption times.”
Vulnerability management teams should strive to make the remediation processes as automated as possible, from detection to resolution, across infrastructure, applications and code. Automation will enable teams to work more efficiently, reducing repetitive manual tasks and processes. This modern process of automation will allow organizations to efficiently remediate vulnerabilities that actually pose a threat, while avoiding causing unnecessary damage to business operations.
Where do we go from here?
Whether your remediation processes resemble the ‘early days’ method or you have implemented more modern tools and processes, it’s crucial that you take a look at your vulnerability process and ask: am I taking the necessary steps to make me environment as secure as possible to meet the modern threat landscape?
Interested in learning more about automating vulnerability management? Request a consultation with a Vulcan automation expert today.