Executive Series Tech Tip - Inadequate Vulnerability Assessment

Tuesday, March 16, 2010

Michael Bruck


Your latest Vulnerability Assessment is likely a waste of your IT budget dollars! Why? Because today the most prevalent and highest-risk vulnerabilities are in desktop applications, and in most cases they are NOT even included in the testing process. To make matters worse, malicious individuals and members of organized crime are targeting these vulnerabilities because they know they are the proverbial low-hanging fruit.

Link to full article: http://www.baisecurity.net/articles_2.asp?ArticleID=127


Terry Perkins: Michael, I agree about the desktops. However, any security person worth their salt should be running vulnerability scans against those as well.

Michael Bruck: Terry, the issue isn't that they are being scanned, but that they are being scanned by traditional network-based scanning, which can't identify vulnerabilities in a large number of applications on these desktops that don't respond to network scans. Your VA software needs to be able to actually log on to these systems and scan the file system, registry, and even some config files to do a comprehensive job...

Terry Perkins: Mine can. :)

Michael Bruck: That's great. :) You may be surprised just how many VA tools being used by even larger auditors can NOT...

The first time we come in after a previous auditor it's often a major shock to the client (in most cases), since their previous auditor did not perform authenticated scans...

We get a lot of... wow, we thought we were in much better shape...

Terry Perkins: My only guess is that auditors are not necessarily security folks. However, your point is taken.
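To make the difference between the two scan types concrete, here is an added example (not code from the article, from BAI Security, or from any scanner) that contrasts the unauthenticated view, which only sees products announcing themselves on a listening port, with the credentialed view, which logs on and reads the installed-software inventory the way Michael describes. The inventory is a constructed text dump in the shape of `reg query ... /s` output for the Windows Uninstall key; the product names, versions and advisory ids are placeholders, not real advisories.

```python
"""Unauthenticated vs. credentialed vulnerability checks on one host.

Added example: a network scan sees only service banners, while a credentialed
scan reads the installed-software inventory (here a constructed registry dump).
Product names, versions and advisory ids below are placeholders.
"""
import re

# Constructed "first fixed version" table: product -> (fixed version, advisory id).
MIN_FIXED = {
    "Example PDF Reader": ("9.4.0", "ADV-PLACEHOLDER-001"),
    "Example Media Player": ("2.1.0", "ADV-PLACEHOLDER-002"),
    "Example Web Server": ("2.2.15", "ADV-PLACEHOLDER-003"),
}


def parse_version(v):
    """Turn '9.3.2' into (9, 3, 2) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def check(product, version):
    """Return an advisory id if the product is below its first fixed version, else None."""
    if product not in MIN_FIXED:
        return None
    fixed, advisory = MIN_FIXED[product]
    return advisory if parse_version(version) < parse_version(fixed) else None


def network_scan(banners):
    """Unauthenticated view: only products that announce themselves on a port.
    banners: {port: 'Product/Version'}, as a network scanner would collect them."""
    findings = []
    for _port, banner in sorted(banners.items()):
        product, _, version = banner.rpartition("/")
        advisory = check(product, version)
        if advisory:
            findings.append((product, version, advisory))
    return findings


def parse_uninstall_dump(text):
    """Credentialed inventory: pair DisplayName/DisplayVersion per uninstall key.
    Keys are separated by blank lines, mimicking 'reg query <Uninstall key> /s'."""
    inventory = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = dict(re.findall(r"(DisplayName|DisplayVersion)\s+REG_SZ\s+(.+)", block))
        if "DisplayName" in fields and "DisplayVersion" in fields:
            inventory[fields["DisplayName"].strip()] = fields["DisplayVersion"].strip()
    return inventory


def credentialed_scan(inventory):
    """Authenticated view: every installed product, whether or not it listens on a port."""
    findings = []
    for product, version in sorted(inventory.items()):
        advisory = check(product, version)
        if advisory:
            findings.append((product, version, advisory))
    return findings


def missed_by_network_scan(banners, inventory):
    """Findings the unauthenticated scan cannot see: the coverage gap the article describes."""
    seen = set(network_scan(banners))
    return [f for f in credentialed_scan(inventory) if f not in seen]


# Constructed sample host: one listening service, four installed desktop products.
SAMPLE_BANNERS = {80: "Example Web Server/2.2.14"}
SAMPLE_REG_DUMP = """
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1111-AAAA}
    DisplayName    REG_SZ    Example PDF Reader
    DisplayVersion    REG_SZ    9.3.2

HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2222-BBBB}
    DisplayName    REG_SZ    Example Media Player
    DisplayVersion    REG_SZ    2.1.0

HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{3333-CCCC}
    DisplayName    REG_SZ    Example Web Server
    DisplayVersion    REG_SZ    2.2.14

HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4444-DDDD}
    DisplayName    REG_SZ    Example Notepad
    DisplayVersion    REG_SZ    1.0
"""

if __name__ == "__main__":
    inv = parse_uninstall_dump(SAMPLE_REG_DUMP)
    print("network scan:", network_scan(SAMPLE_BANNERS))
    print("credentialed scan:", credentialed_scan(inv))
    print("missed without credentials:", missed_by_network_scan(SAMPLE_BANNERS, inv))
```

On the sample host the network scan reports only the web server, while the credentialed scan also flags the PDF reader, which never opens a port and so is invisible to an unauthenticated scan. The media player is installed but already at its fixed version, and the notepad product has no entry in the table, so neither is reported; that is the distinction a practitioner should expect a credentialed scanner to make rather than flagging every installed application.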
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
