Why is Vulnerability Management Important?
Vulnerability management is something that most IT organizations struggle with due to the sheer volume of identified vulnerabilities.
A vulnerability is a weakness either in software or in the use of old and perhaps outdated versions of software and protocols. Sometimes it is man-made, caused by bad passwords and/or less secure means of authenticating a user. Regardless of origin, it is something an attacker can use to gain access to information, either to download it for further use or to encrypt it with ransomware. Rather common for the last few years is that the attackers both steal the information and then encrypt it in the attacked organization's network.
Avoiding vulnerabilities starts when the code of the software is being compiled, by scanning for commonly known vulnerabilities, but also by re-verifying the code used in the software over time as new ways to attack the software emerge. Furthermore, using old protocols opens the door for attackers to exploit weaknesses in the protocol itself.
The number of vulnerabilities is steadily growing: from an average of 46 vulnerabilities per day (every day of the year) between 2017-2020 to an average of 63 vulnerabilities per day (every day of the year) over the last two full years. This creates a lot of work for IT departments, since in theory every one of these vulnerabilities can be used to attack the organization's IT environment.
More and more organizations, such as Samlink, are therefore leaning towards a risk-based vulnerability management approach that focuses on the vulnerabilities that can actually be exploited by an attacker. There is a lot of research in this area, and one very promising methodology is called the Exploit Prediction Scoring System (EPSS).
It is important to know your IT environment and to constantly monitor so-called exploits in the wild, which focuses remediation effort on closing the vulnerabilities that attackers are actually using.
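As an added example that is not part of the original article, the Python script below shows how such a risk-based policy can be applied to a vulnerability backlog. Each finding carries a CVSS base score, an EPSS probability and a flag for confirmed exploitation in the wild; all values are constructed for illustration and the CVE ids are placeholders. The weighting inside `risk_score` and the 0.1 EPSS threshold are assumptions chosen for this example, not part of the EPSS specification; what the script demonstrates is how much shorter the risk-based shortlist is than a CVSS-only backlog.

```python
"""Risk-based prioritization of a vulnerability backlog (added example).

Signals per finding:
  - CVSS base score: how bad it is if exploited (0.0 - 10.0)
  - EPSS probability: how likely exploitation is in the near term (0.0 - 1.0)
  - exploited_in_wild: confirmed exploitation, e.g. from a known-exploited list
  - internet_facing: exposure of the asset the finding sits on
All data below is constructed; the CVE identifiers are placeholders.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    cve: str
    asset: str
    cvss: float
    epss: float
    exploited_in_wild: bool
    internet_facing: bool


def risk_score(f: Finding) -> float:
    """Exploitability-weighted score (assumed weighting, for illustration).

    cvss * epss keeps impact in the picture while letting likelihood drive
    the ordering. Confirmed exploitation gets a flat boost so it always ranks
    above mere predictions, and exposed assets are weighted up.
    """
    score = f.cvss * f.epss
    if f.exploited_in_wild:
        score += 10.0
    if f.internet_facing:
        score *= 1.5
    return score


def rank(findings):
    """Findings ordered from highest to lowest risk score."""
    return sorted(findings, key=risk_score, reverse=True)


def shortlist(findings, epss_threshold=0.1):
    """Findings that a risk-based policy treats as must-fix now:
    confirmed exploitation, or EPSS at/above the threshold."""
    return [f for f in rank(findings)
            if f.exploited_in_wild or f.epss >= epss_threshold]


def cvss_only_backlog(findings, min_cvss=7.0):
    """What a traditional 'fix everything High/Critical' policy would flag."""
    return [f for f in findings if f.cvss >= min_cvss]


# Constructed sample backlog; CVE ids are placeholders, not real advisories.
FINDINGS = [
    Finding("CVE-0000-0001", "public web server", 9.8, 0.92, True, True),
    Finding("CVE-0000-0002", "internal file server", 9.1, 0.02, False, False),
    Finding("CVE-0000-0003", "VPN appliance", 7.5, 0.45, False, True),
    Finding("CVE-0000-0004", "workstation", 5.3, 0.01, False, False),
    Finding("CVE-0000-0005", "internal database", 8.8, 0.0004, False, False),
]


if __name__ == "__main__":
    print("Ranked backlog:")
    for f in rank(FINDINGS):
        print(f"  {risk_score(f):7.3f}  {f.cve}  {f.asset}")
    print(f"CVSS-only policy would open {len(cvss_only_backlog(FINDINGS))} tickets")
    print(f"Risk-based policy opens {len(shortlist(FINDINGS))} tickets now")
```

Note that the internal database finding has the second-highest CVSS score in the sample yet lands at the bottom of the ranked list: with an EPSS near zero and no exposure it is exactly the kind of item a CVSS-only queue would force the team to chase first.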