In Q1 2017, about 1,254 breaches reportedly took place, most of which occurred due to a well-known weakness: insufficient or improper input validation. Vulnerabilities of this kind stem from either coding errors or security misconfiguration, which attackers quickly exploit to access system memory, execute malicious commands, steal data, and so on. Now, with malicious programs scanning networks for known vulnerabilities, the traditional defenses offered by passwords, SSL and data encryption, firewalls, and standard scanning programs may not be enough. Only by undertaking a robust regimen of vulnerability assessment (VA) can businesses safeguard their data and networks.
Vulnerabilities may arise from myriad factors, from a weak password on a router to an unpatched programming flaw. By undertaking a vulnerability assessment (VA) exercise, organizations can validate security measures from within the network firewall (internal) and check defenses from outside it (external). It involves bringing under the scanner all assets, such as servers, firewalls, load balancers, network devices, and desktops, among others. Experts agree on the need to undertake internal and external VAs every quarter, or whenever a network entity undergoes a critical change. The VA report provides details on the vulnerabilities identified on the network, the potential risks, and suggested mitigation measures.
With VA becoming a critical component of security strategy, organizations must implement it or risk losing their PCI compliance certification. Today, organizations run VA scans to assess their network, install patches, and re-assess the environment to verify the result. This assess-patch-re-assess cycle is now the standard way for organizations to manage their security issues. In fact, organizations have integrated VA into their system rollout process in such a manner that an assessment is triggered whenever a new server is installed.
Credentialed vs. non-credentialed vulnerability assessment
There are two kinds of vulnerability assessments: credentialed and non-credentialed (also known as authenticated and unauthenticated scans). Credentialed scans, which log in with an administrative account, do a more thorough check by looking for problems that cannot be seen from the network. On the other hand, non-credentialed scans provide a quick view of vulnerabilities by looking only at the network services exposed by the host. Unfortunately, non-credentialed scans do not provide deeper insight into application and operating system vulnerabilities that are not exposed to the network, or into vulnerabilities behind a firewall. This can give a false sense that the system is safe.
When it comes to credentialed assessment, maintaining an accurate list of all credentials is a big worry. An inaccurate list is one of the main reasons why security teams have a hard time completing credentialed scans. For instance, in large organizations it is not always possible to track down the owners of specific assets; in some cases, even asking the asset owner for their credentials may run into trouble and may be prohibited by company policy.
To address this, a credential test performs a dry run of all credentials and then reports which hosts authenticated successfully and which did not. This enables security teams to quickly identify and resolve credential issues. In fact, it prevents security teams from performing VAs that would encounter errors or produce inaccurate or incomplete information due to incorrectly configured credentials.
Benefits of credential-based VA:
- Does not disrupt operations or consume too many resources because the scan is performed with credentials
- Queries the local host to see whether a patch for a given vulnerability has been applied, rather than probing a service remotely and attempting to find the vulnerability
- Identifies client-side software vulnerabilities
- Identifies several other vulnerabilities
- Permits safer collection of information from control system servers and workstations
- Enables customized auditing of operating systems, applications, databases, and file content
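To make the difference between the two scan types concrete, the following is an added example (not code from the original article or from SISA): a small Python model in which an unauthenticated check can only match exposed service banners, while a credentialed check reads the host's package inventory and applied-patch records, with the credential dry run from above run first. All hosts, banners, package versions, patch records and advisory identifiers are constructed sample data; the `ADV-xxxx` ids are placeholders, not real CVEs.

```python
"""Added example, not from the original article: what an unauthenticated
(network-only) check and a credentialed (local) check can each see, plus the
credential dry run described in the text. Every host, banner, package
inventory, patch id and advisory here is constructed sample data; the
advisory ids are placeholders, not real CVEs."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '2.4.7' or '2.4.7-3' into a comparable tuple of integers."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


@dataclass
class Advisory:
    adv_id: str                 # placeholder identifier, e.g. "ADV-0001"
    package: str                # affected package name
    fixed_in: str               # first upstream version carrying the fix
    banner_pattern: Optional[str] = None  # regex a remote probe can match, if any


@dataclass
class Host:
    name: str
    banners: Dict[int, str]     # port -> banner visible from the network
    installed: Dict[str, str]   # package -> version, readable only when authenticated
    applied_patches: Set[str] = field(default_factory=set)  # vendor patches by advisory id
    credential_ok: bool = False  # constructed: does the scanner's credential work?


def unauthenticated_findings(host: Host, advisories: List[Advisory]) -> List[str]:
    """Non-credentialed view: infer vulnerability only from exposed service banners."""
    found = []
    for adv in advisories:
        if adv.banner_pattern is None:
            continue  # nothing a network probe could observe (e.g. client-side software)
        for banner in host.banners.values():
            m = re.search(adv.banner_pattern, banner)
            if m and parse_version(m.group(1)) < parse_version(adv.fixed_in):
                found.append(adv.adv_id)
    return found


def authenticated_findings(host: Host, advisories: List[Advisory]) -> List[str]:
    """Credentialed view: read the package inventory and check whether the fix is
    present, either as an upstream version bump or as a backported patch on the host."""
    found = []
    for adv in advisories:
        version = host.installed.get(adv.package)
        if version is None:
            continue  # package not installed, so not affected
        if adv.adv_id in host.applied_patches:
            continue  # backported fix: version string looks old but the patch is applied
        if parse_version(version) < parse_version(adv.fixed_in):
            found.append(adv.adv_id)
    return found


def credential_dry_run(hosts: List[Host]) -> Dict[str, List[str]]:
    """Try each credential before scanning and report which hosts authenticated."""
    return {
        "authenticated": [h.name for h in hosts if h.credential_ok],
        "failed": [h.name for h in hosts if not h.credential_ok],
    }


def assess(hosts: List[Host], advisories: List[Advisory]) -> Dict[str, Dict[str, Optional[List[str]]]]:
    """Run both views per host; the local view is None where credentials failed."""
    report = {}
    for h in hosts:
        report[h.name] = {
            "network": unauthenticated_findings(h, advisories),
            "local": authenticated_findings(h, advisories) if h.credential_ok else None,
        }
    return report


# Constructed advisories: one network-visible service flaw, one client-side flaw.
ADVISORIES = [
    Advisory("ADV-0001", "webserver", "2.4.10", r"WebServer/(\d+\.\d+\.\d+)"),
    Advisory("ADV-0002", "pdf-reader", "9.1"),
]

# Constructed hosts illustrating the cases the article describes.
HOSTS = [
    # Old web server exposed on port 80; both views see it, only the local view sees the reader.
    Host("web-01", {80: "WebServer/2.4.7"}, {"webserver": "2.4.7", "pdf-reader": "9.0"},
         credential_ok=True),
    # Same banner, but the vendor backported the fix: the remote view raises a false positive.
    Host("web-03", {80: "WebServer/2.4.7"}, {"webserver": "2.4.7-3"},
         applied_patches={"ADV-0001"}, credential_ok=True),
    # Desktop with no exposed services: the remote view sees nothing at all.
    Host("desk-07", {}, {"pdf-reader": "8.5"}, credential_ok=True),
    # Credential failure: the dry run flags it before the scan reports an empty local result.
    Host("db-02", {5432: "DBServer/12.1"}, {"pdf-reader": "8.0"}, credential_ok=False),
]

if __name__ == "__main__":
    print(credential_dry_run(HOSTS))
    for name, views in assess(HOSTS, ADVISORIES).items():
        print(name, views)
```

Running it shows the three failure modes the text warns about: `desk-07` and the reader on `web-01` are invisible to the network view (false negatives), `web-03` is flagged remotely although the backported patch is applied (a false positive that only the local check resolves), and `db-02` is reported as a credential failure by the dry run rather than silently producing an empty local result.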
Best-in-class VA from SISA:
SISA, an authorized Qualified Security Assessor (QSA), provides security and vulnerability assessment solutions that are multi-faceted and highly effective for application security and change management. SISA’s vulnerability solutions are swift, secure, and stable, as they work in congruence with SISA’s cloud testing norms and SISA SecureScan. SISA’s VA solutions are known for their non-intrusive and comprehensive nature in ASV scans.
Talk to our VA expert to ensure an enhanced security strategy for your organization!