Qualys is a sponsor of TechSpective
Vulnerabilities are a fact of life. There is no such thing as perfect security, but businesses should strive to make it as difficult as possible for attackers to succeed—and have tools and processes in place to quickly detect when a threat slips through. The goal for an organization is to proactively address vulnerabilities—patching or mitigating as needed to reduce exposure to risk and minimize the attack surface.
A study from the University of Maryland found that attackers use automated scripts and tools to indiscriminately attack every system connected to the internet. The study found that internet-connected systems are attacked an average of 2,244 times per day—or once every 39 seconds. Eventually, one or more of those attacks will find a crack in the armor and compromise a system. Once that happens, the Cost of a Data Breach report from IBM reveals that the average time it takes to identify the attack is 206 days.
Changing the Game with VMDR
Faced with a constant barrage of attacks, proactively addressing vulnerabilities is more important than ever. The idea of vulnerability management and reducing attack surface took center stage last week at the Qualys Security Conference in San Francisco. One of the primary focuses of the event was VMDR (Vulnerability Management Detection and Response)—a product that Qualys unveiled in November at the Qualys Security Conference in Las Vegas. Qualys has been a leader in vulnerability management for years, but VMDR raises the bar. Rather than just detecting and reporting on vulnerabilities, VMDR takes a holistic, end-to-end approach to actually assess risk and address the issues to make an organization more secure.
Sumedh Thakar, President and Chief Product Officer for Qualys, calls VMDR a game changer. The traditional approach to vulnerability management treats it as a numbers game. If there are 1,000 vulnerabilities detected and you can patch or mitigate 990 of them, you have a remediation rate of 99%, and that’s not too shabby, right? Well, not really. That math paints an incomplete picture. What if the 990 vulnerabilities that were remediated were minor flaws that would have minimal impact if exploited, but the 10 that are left are all remote code execution vulnerabilities with active exploits in the wild that affect business-critical systems? Context matters.
The objective is to reduce the time to remediate and limit the organization’s exposure to risk—both in terms of the number and severity of open vulnerabilities and the length of time the company is left exposed to that particular risk. Thakar explained that VMDR combines asset inventory, vulnerability and configuration assessment, threat risk and prioritization, and patch management to ensure comprehensive visibility and a remediation strategy prioritized based on context.
Risk-Based Vulnerability Management
There are a number of elements that are fundamental to effective cybersecurity. VMDR incorporates many of these capabilities into a perpetual lifecycle that helps organizations identify and resolve vulnerabilities.
VMDR starts with asset discovery and inventory to make sure you have an accurate account of all devices in your environment. It performs continuous vulnerability assessments with cloud agents and a variety of sensors and leverages artificial intelligence to instantly assess and prioritize threats based on relevant context. Finally, VMDR provides built-in remediation functionality and integrates with support and ticketing systems to ensure vulnerabilities are patched or mitigated.
The threat landscape is constantly evolving and expanding, so it’s important for organizations to have tools and processes that help them reduce the available attack surface. There was a lot more packed into the Qualys Security Conference, but VMDR played a starring role for sure, because it gives organizations what they need to minimize their exposure to risk.