Stay in Touch With Your Vulnerabilities

It’s Valentine’s Day, so what better time to talk about our vulnerabilities? Don’t worry, we won’t get into analyzing your love life; it’s your network and systems our heart is after.

 

Scan the Heart of Your Organization

Your network and firewall are often the first line of defense against cyberattacks, and one of the first things cybercriminals do is look for common vulnerabilities like unpatched software, misconfigurations, SSL certificate issues, and weak security systems.

A vulnerability scan uses an automated tool to identify known vulnerabilities, catalogued as Common Vulnerabilities and Exposures (CVEs), in a company’s network, servers, and operating systems.

To break things down even further, network vulnerability scans fall into two general categories:

  • External scans run from outside of the network, looking for holes in the firewall (e.g. open ports or configuration issues) that could be exploited by an inbound threat (e.g. a malicious hacker or virus).

  • Internal scans start inside the company network to check individual devices for vulnerabilities that someone – or something – could take advantage of from inside the network (e.g. unpatched software with security gaps, malware on an employee’s device, or a malicious insider).

A vulnerability scan is an efficient way to locate and prioritize issues that could be exploited if they were found by the wrong people. Periodic scans are even required for compliance or by regulation in some industries.

 

Vulnerability Scanning and Ethical Hacking Make a Great Couple

We recently wrote about ethical hacking, another important method for checking your network and systems for vulnerabilities. The primary difference between the two is that ethical hacking is manual and relies on human analysis and intelligence to try to break into the network, whereas vulnerability scanning runs on its own.

So, while vulnerability scans are more affordable and time-efficient than full-scale ethical hacking, they are understandably less extensive. One test doesn’t replace the other. To ensure you’re fully protected, the best practice is to use both.

Ethical hackers often run a preliminary vulnerability scan as one component of a penetration test, but a lot can change over the course of a year. Many companies opt for a cadence of quarterly vulnerability scans and an annual penetration test to be sure nothing falls through the cracks.

 

It’s a Commitment That Should Last

Just like any great relationship, a healthy network and healthy systems take effort and maintenance. A vulnerability scan is a great way to locate active and potential security holes in your system, but the most important part is reviewing the report and addressing any problems. This is where your IT team is a critical resource to help prioritize efforts, apply fixes, and coordinate ongoing protection.

 

Regular vulnerability scanning is an important part of strong cybersecurity health. If you’re not in love with it already, now might be a good time to think about embracing it.

 

Stay Safe,

Your Friends @ Defendify