cirosec – Vulnerability and Risk Management
Vulnerabilities are the doors through which attackers or worms break into systems and networks. They are usually caused by misconfiguration or by defects in operating systems, network services or applications.
To protect their IT infrastructure against attacks, many organizations deploy firewalls, encryption, content filtering, intrusion prevention systems and similar controls. These measures aim to prevent vulnerabilities from being exploited; they do not, however, remove the vulnerabilities themselves.
To eliminate vulnerabilities and defects, and thus address the actual technical root cause of security problems, the vendors' service packs, patches or hotfixes are applied. For larger organizations this is no easy task, since updates cannot simply be installed unchecked: side effects that cause incompatibilities with critical applications are often worse than the defect the update was meant to fix.
In practice a choice has to be made between the risk of damage from an unpatched vulnerability and the risk of damage from a premature or untested fix. Blind installation of service packs or patches must be replaced by deliberate, targeted elimination of the vulnerabilities that actually exist. This is done by systematically recording those vulnerabilities and evaluating them against the actual infrastructure, applications and business processes.
Vulnerability management is a process, supported by suitable tools, that gathers, evaluates and distributes information on vulnerabilities and tracks their remediation through to completion.
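The evaluation step described above, weighing a scanner's severity against the asset's criticality, exposure and compensating controls and then deciding whether an untested patch is worth the risk, can be shown as a small triage routine. This is an added illustration, not cirosec's tooling or methodology; the weights, thresholds, asset records and findings are assumptions constructed for the example (no real systems or vulnerability identifiers).

```python
"""
Risk-based vulnerability triage: score each finding against asset context
(criticality, exposure, compensating controls) and weigh the patch risk
before deciding how to remediate.  Added illustration, not cirosec's tooling;
all weights, thresholds, assets and findings below are assumptions.
"""
from dataclasses import dataclass, field

# Assumed scale: 1 = non-critical test box ... 5 = business-critical system.
CRITICALITY_WEIGHT = {1: 0.2, 2: 0.4, 3: 0.6, 4: 0.8, 5: 1.0}
EXPOSED_FACTOR = 1.5     # reachable from the internet
EXPLOIT_FACTOR = 1.5     # public exploit or active worm
MITIGATED_FACTOR = 0.5   # an existing control blocks the exploit path


@dataclass
class Asset:
    name: str
    criticality: int
    internet_exposed: bool
    controls: set = field(default_factory=set)   # e.g. {"ips", "waf"}


@dataclass
class Finding:
    finding_id: str
    asset: Asset
    title: str
    cvss_base: float           # 0.0 .. 10.0 as reported by the scanner
    exploit_available: bool
    patch_available: bool
    patch_tested: bool         # regression-tested against the asset's applications
    mitigable_by: set = field(default_factory=set)   # controls that block this flaw


def is_mitigated(f: Finding) -> bool:
    """True when a control already present on the asset blocks this finding."""
    return bool(f.mitigable_by & f.asset.controls)


def risk_score(f: Finding) -> float:
    """Contextual score in 0..10: scanner severity adjusted for the environment."""
    score = f.cvss_base * CRITICALITY_WEIGHT[f.asset.criticality]
    if f.asset.internet_exposed:
        score *= EXPOSED_FACTOR
    if f.exploit_available:
        score *= EXPLOIT_FACTOR
    if is_mitigated(f):
        score *= MITIGATED_FACTOR
    return min(score, 10.0)


def recommend(f: Finding) -> str:
    """Weigh exploitation risk against the risk of an untested change."""
    r = risk_score(f)
    if r >= 7.0:
        if f.patch_available and f.patch_tested:
            return "patch now"
        if is_mitigated(f):
            return "keep compensating control, patch after regression test"
        return "emergency: test patch in staging or isolate host"
    if r >= 4.0:
        if f.patch_available:
            return "patch in next maintenance window after test"
        return "mitigate and track vendor fix"
    return "accept for this cycle, re-check on next scan"


def triage(findings):
    """Gather -> evaluate -> prioritised work list ready for distribution to owners."""
    rows = [{"id": f.finding_id, "asset": f.asset.name,
             "score": round(risk_score(f), 2), "action": recommend(f)}
            for f in findings]
    return sorted(rows, key=lambda r: r["score"], reverse=True)


# Constructed sample inventory and scan results (not real systems or CVEs).
ERP_DB = Asset("erp-db-01", criticality=5, internet_exposed=False, controls={"ips"})
WWW = Asset("www-01", criticality=3, internet_exposed=True, controls={"waf"})
PRINT = Asset("print-srv-02", criticality=1, internet_exposed=False)

SAMPLE_FINDINGS = [
    Finding("F-001", ERP_DB, "outdated database service", 9.8, True, True, False, {"ips"}),
    Finding("F-002", WWW, "input validation flaw in web app", 7.5, False, True, True),
    Finding("F-003", PRINT, "weak SNMP community string", 5.3, False, True, True),
    Finding("F-004", WWW, "unpatched CMS component", 8.0, True, False, False, {"waf"}),
]

if __name__ == "__main__":
    for row in triage(SAMPLE_FINDINGS):
        print(f'{row["id"]} {row["asset"]:<13} {row["score"]:>5} {row["action"]}')
```

The point the sample data makes is the one in the text: the highest raw severity (F-001, a critical database with a public exploit) does not become "patch now", because the patch has not been regression-tested and an IPS already covers the exploit path, whereas the internet-facing web flaw with a tested patch goes straight into the next maintenance window. In a real deployment the asset records would come from the CMDB and the findings from the scanner export rather than being embedded as above.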
In addition, this vulnerability information can be reused in other areas of IT security, for example to improve the quality of monitoring and hardening.
Information on vulnerabilities, together with the systems for gathering and processing it, is therefore an important basic building block of proactive security management.