Defense has always been fundamental. Defense is now sexy? A lot of discussion around defense and network security has been bubbling up since this years Black Hat Conference in Las Vegas featured a dedicated Defense track for the first time. SC Magazine noted the focus on Defense at the conference, and Rick Holland also covered the increased focus on defense in his blog about his observations from Black Hat. While showcasing new attack methodologies or highlighting newly discovered vulnerabilities always gets more press, it is refreshing to see defense beginning to get more focus.
Much of the discussion around defense has been about changing the way we have traditionally done defense in the network security world. A lot of focus has been placed on the fact that the technology we have deployed over the years has created “walls” obstructing our view. Defense should focus on the information or capabilities we already have in place, be it the information in logs from routers, switches or firewalls, or rigorous patch or vulnerability management. Parsing through all of this information or even prioritizing vulnerabilities for medium, enterprise or MSP organizations is a daunting task though. Holland point out in his blog that “the reality is that enterprise wide patch and configuration management are very challenging for companies”. Considering the fact that many of these organizations that do leverage vulnerability management systems sometimes get results telling them they have over 10,000+ vulnerabilities that need to be addressed, it is easy to see how the full breadth of protection is not always deployed.
A more intelligent approach to defense is needed. An approach that takes the vulnerabilities within your network, matches them against the network topology and the mitigating security controls that are in place, and highlights exactly what assets are truly at risk within the full context of the network. An approach that prioritizes the remediation actions that you need to take, and enables you to see the effect of those actions on the overall risk posture of the network. An approach that updates the risk map in real-time as changes occur to the configuration of the network devices and network security controls deployed within your network. A defense approach that is realized in FireMon Security Manager 6.0, the industry’s first Security Posture Management Solution. We invite you to try this new intelligent defense here.