Monday, December 23, 2024

CMS CISO: In Cybersecurity, Beware Death by a Thousand Vulnerability Reports

“Security has a lot of tools. We have tools to scan networks, code, open-source libraries, databases, cloud configuration, endpoints, infrastructure as code, and more. As security teams, among our key modes of communication are vulnerability reports. More specifically, identifying these issues and letting others know about them with the appropriate context so they can be fixed.

However, there are several problems with this. In this article, I’ll break down a few of them….”

“State Scan Over Scan

Scanning tools aren’t always consistent when it comes to tracking the state of an asset, scan over scan. Does the tool treat each scan as fresh? Does the tool track a specific instance of a vulnerability over the course of multiple scans? What happens when the asset changes in some way in between scans? Should that be considered a new vulnerability or the same one with the same vulnerabilities? How might the tool handle ephemeral infrastructure?

The point of these questions is not to highlight some “right” answer in these scenarios. Rather, it is to highlight that the complexities in state management are likely to be treated differently by different tools in your stack, leading towards a general inconsistency…” Read the full post here.

Source: In Cybersecurity, Beware Death by a Thousand Vulnerability Reports – By Robert Wood, January 12, 2022. Acceleration Economy.
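The excerpt above asks whether a tool treats each scan as fresh and what happens when an asset changes between scans. The following added example (written for this page, not code from the article or its author) shows why two tools can disagree: the same two scans are compared once with a key that includes the asset's IP address, as a naive tool might, and once with a key built from the asset's logical name, port and vulnerability ID. The scan data, asset names and vulnerability IDs are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List


@dataclass(frozen=True)
class Finding:
    scan_id: str     # identifier of the scan run that produced this finding
    asset_ip: str    # address at scan time; changes when the asset is redeployed
    asset_name: str  # logical name (hostname, workload label); survives redeploys
    port: int
    vuln_id: str     # scanner plugin ID or CVE ID (constructed placeholders below)


def naive_key(f: Finding) -> str:
    """Key a tool might use when it ties a finding to the address seen in this scan."""
    return f"{f.asset_ip}|{f.port}|{f.vuln_id}"


def stable_key(f: Finding) -> str:
    """Key that identifies the same vulnerability instance across scans and redeploys.

    Deliberately excludes scan_id and asset_ip, so an asset that comes back with a
    new address (ephemeral infrastructure) is still matched to its earlier findings.
    """
    raw = f"{f.asset_name.lower()}|{f.port}|{f.vuln_id.upper()}"
    return hashlib.sha256(raw.encode()).hexdigest()[:16]


def diff_scans(previous: Iterable[Finding], current: Iterable[Finding],
               key: Callable[[Finding], str]) -> Dict[str, List[str]]:
    """Classify findings as new, persisting or resolved between two scans."""
    prev = {key(f): f for f in previous}
    curr = {key(f): f for f in current}
    return {
        "new": sorted(k for k in curr if k not in prev),
        "persisting": sorted(k for k in curr if k in prev),
        "resolved": sorted(k for k in prev if k not in curr),
    }


# Constructed sample data (not real scan output).
SCAN_1 = [
    Finding("scan-001", "10.0.0.5", "web-01", 443, "VULN-100"),
    Finding("scan-001", "10.0.0.7", "db-01", 5432, "VULN-200"),
]
SCAN_2 = [
    Finding("scan-002", "10.0.0.9", "web-01", 443, "VULN-100"),  # same host, new IP
    Finding("scan-002", "10.0.0.9", "web-01", 443, "VULN-300"),  # genuinely new
]


def summarize(key: Callable[[Finding], str]) -> Dict[str, int]:
    """Count findings per category for the two constructed scans under a given key."""
    return {name: len(keys) for name, keys in diff_scans(SCAN_1, SCAN_2, key).items()}


if __name__ == "__main__":
    # The address-based key reports everything as churn: 2 new, 0 persisting, 2 resolved.
    print("naive :", summarize(naive_key))
    # The stable key recognises web-01's redeploy: 1 new, 1 persisting, 1 resolved.
    print("stable:", summarize(stable_key))
```

With the address-based key, a single redeploy of web-01 produces one spurious "resolved" and one spurious "new" ticket for the same vulnerability; with the stable key, only the genuinely new finding and the genuinely fixed one change state. Which behaviour a given commercial scanner implements is rarely documented, which is the inconsistency the excerpt describes.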

Jackie Gilbert
Jackie Gilbert is a Content Analyst for FedHealthIT and Author of 'Anything but COVID-19' on the Daily Take Newsletter for G2Xchange Health and FedCiv.
