Executive Series Tech Tip - Inadequate Vulnerability Assessment

Tuesday, March 16, 2010

Michael Bruck


Your latest vulnerability assessment is likely a waste of your IT budget dollars! Why? Today the most prevalent and highest-risk vulnerabilities reside in desktop applications, and in most cases those applications are not even included in the testing process. To make matters worse, malicious individuals and members of organized crime are targeting these vulnerabilities precisely because they know they are the proverbial low-hanging fruit.

Link to full article:  http://www.baisecurity.net/articles_2.asp?ArticleID=127


Budgets Enterprise Security
Vulnerability Assessments
Terry Perkins: Michael, I agree about the desktops. However, any security person worth their salt should be running vulnerability scans against those as well.
Posted 2010-03-16 18:03 UTC

Michael Bruck: Terry, the issue isn't that they are being scanned, but that they are being scanned by traditional network-based scanning, which can't identify vulnerabilities in a large number of applications on these desktops that don't respond to network scans. Your VA software needs to be able to actually log on to these systems and scan the file system, registry, and even some config files to do a comprehensive job...
Posted 2010-03-16 21:37 UTC

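To make the distinction in the comment above concrete, here is an added example (not from the article or either commenter). It models the two views of the same desktop: an unauthenticated network scanner only sees software that answers on a socket, while an authenticated check reads the installed-software inventory the way a credentialed scan reads the Windows Uninstall registry keys (DisplayName/DisplayVersion). The product names, versions and "fixed-in" thresholds are constructed placeholders, not real advisories, and the inventory is hard-coded rather than read from a live registry so the script runs anywhere.

```python
"""Authenticated vs. unauthenticated vulnerability-assessment coverage.

Added example. Every product, version and minimum-safe version below is a
constructed placeholder, not a real advisory. The inventory stands in for
what a credentialed scan would read from
HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class InstalledApp:
    display_name: str       # mirrors the registry DisplayName value
    display_version: str    # mirrors the registry DisplayVersion value
    listens_on_network: bool  # True only if the app exposes a TCP/UDP service


# Constructed host inventory: mostly client-side software with no listening port.
HOST_INVENTORY = [
    InstalledApp("Example PDF Viewer", "9.3.0", False),
    InstalledApp("Example Browser Plugin", "10.0.45.2", False),
    InstalledApp("Example Office Suite", "12.0.6425.1000", False),
    InstalledApp("Example Remote Desktop Service", "6.1.7600", True),
    InstalledApp("Example Backup Agent", "2.10.1", True),
]

# Constructed "fixed-in" versions; anything older is flagged as outdated.
MIN_SAFE_VERSION = {
    "Example PDF Viewer": "9.3.1",
    "Example Browser Plugin": "10.1.0.0",
    "Example Office Suite": "12.0.6425.1000",
    "Example Remote Desktop Service": "6.1.7601",
    "Example Backup Agent": "2.9.0",
}


def parse_version(version: str) -> tuple:
    """Split a dotted version into integer components.

    Numeric comparison matters: as strings "2.10.1" < "2.9.0", which would
    wrongly flag a patched build as vulnerable.
    """
    return tuple(int(part) for part in re.findall(r"\d+", version))


def version_lt(a: str, b: str) -> bool:
    """True if version a is strictly older than version b (missing components are zero)."""
    pa, pb = parse_version(a), parse_version(b)
    width = max(len(pa), len(pb))
    return pa + (0,) * (width - len(pa)) < pb + (0,) * (width - len(pb))


def outdated(apps) -> list:
    """Names of apps installed at a version older than the minimum safe version."""
    return sorted(
        app.display_name
        for app in apps
        if app.display_name in MIN_SAFE_VERSION
        and version_lt(app.display_version, MIN_SAFE_VERSION[app.display_name])
    )


def unauthenticated_view(inventory) -> list:
    """What a network-only scanner can fingerprint: only software that answers on a socket."""
    return [app for app in inventory if app.listens_on_network]


def authenticated_view(inventory) -> list:
    """What a credentialed scan sees after logging on and reading the installed-software inventory."""
    return list(inventory)


def coverage_gap(inventory) -> list:
    """Outdated software the authenticated check finds that the network-only scan misses."""
    seen_over_network = set(outdated(unauthenticated_view(inventory)))
    seen_on_host = set(outdated(authenticated_view(inventory)))
    return sorted(seen_on_host - seen_over_network)


if __name__ == "__main__":
    print("Unauthenticated scan flags:", outdated(unauthenticated_view(HOST_INVENTORY)))
    print("Authenticated scan flags:  ", outdated(authenticated_view(HOST_INVENTORY)))
    print("Missed by network-only scan:", coverage_gap(HOST_INVENTORY))
```

Run as a script, the network-only view flags just the one listening service, while the authenticated view also flags the PDF viewer and browser plugin that never touched the network. The backup agent at 2.10.1 is correctly left alone because versions are compared numerically, not as strings.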
Terry Perkins: Mine can. :)
Posted 2010-03-16 22:01 UTC

Michael Bruck: That's great. :) You may be surprised just how many VA tools being used by even larger auditors can NOT...

The first time we come in after a previous auditor, it's often a major shock to the client (in most cases), since their previous auditor did not perform authenticated scans...

We get a lot of... wow, we thought we were in much better shape...
Posted 2010-03-16 22:28 UTC

Terry Perkins: My only guess is that auditors are not necessarily security folks. However, your point is taken.
Posted 2010-03-17 14:11 UTC