Vulnerability, patch, and configuration management are not new security topics. In fact, they are some of the oldest security functions. Yet, we still struggle to manage these capabilities effectively. The quantity of outstanding vulnerabilities for most large organizations is overwhelming, and all organizations struggle to keep up with the never-ending onslaught of new vulnerabilities in their infrastructure and applications. When you add in the cloud and the increasing speed with which all organizations must deliver systems, applications, and features to both their internal and external customers, security may seem unachievable.
NEW POSTER!
Key Metrics: Cloud & Enterprise | Vulnerability Management Maturity Model
This new poster was developed by Jonathan Risto and AJ Yawn.
Key Metrics: Cloud and Enterprise delivers a set of essential metrics to generate, provide, and review with the Technical, Operational, and Executive partners of the organization. Providing both early-stage and advanced metrics, organizations can generate meaningful metrics across the Identify, Protect, Detect and Respond functions of their security programs.
The SANS Vulnerability Management Maturity Model helps you gauge the effectiveness of your Vulnerability Management program. The model details key activities performed within Vulnerability Management on a 5-point scale. Leveraging the model, you can categorize your program’s current capabilities to create a clear roadmap to improve your program.
Download your FREE copy here.
NEWS
Firms Push for CVE-Like Cloud Bug System
Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers
Researcher Releases PoC for Recent Java Cryptographic Vulnerability
2021 Top Routinely Exploited Vulnerabilities - A joint security bulletin coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom lists the top 15 exploited vulnerabilities in 2021
Cisco Vulnerability CVE-2022-20695
VMWARE Remote Code Execution (RCE) vulnerability
‘Groundbreaking’ CISA directive to overhaul cyber vulnerability management process
Can understanding flaws in malware help defenders prevent attacks?
WEBCASTS
Securing Cloud Data: The Hidden Vulnerabilities of SaaS Platforms, July 2021
Rekt Casino Hack Assessment Operational Series – Vulnerability Management Gone Wrong, March 2021
Reimagining Vulnerability Management in the Cloud, Aug 2020
Enterprise and Cloud | Threat & Vulnerability Assessment, June 2020
Domain Password Auditing with the Cloud, April 2020
Passwords are a Solvable Problem!, Feb 2020
How to Communicate about Security Vulnerabilities, Jan 2020
Don'tPatch - Transformative Security Programs Go Beyond the Vulnerability, December 2019
Security Vulnerability Prioritization: Managing Millions of Vulns, Nov 2019
Perilsand Perks of Cloud Access Security, Sept 2019
Next-Gen Vulnerability Management: Clarity, Consistency, and Cloud, June 2019
Jumpstart Guide for Endpoint Security in AWS, June 2019
Terraforming Azure: Not as Difficult as Planets, May 2019
Five Keys for Successful Vulnerability Management, June 2019
Managing Vulnerabilities with the PIACT Process, July 2018
It’s All About Your Assets: Inline Vulnerability & Event Management, Sept 2018
Canadian Webcast Series Part 1: Managing Vulnerabilities in the Enterprise and an Overview of the PIACT Process & Frameworks: What Are They Good For?, Feb 2018SURVEYS
A SANS 2021 Survey: Vulnerability Management - Impacts on Cloud and the Remote Workforce, Nov 2021
SANS 2020 Vulnerability Management Survey, Nov 2020
SANS 2020 Vulnerability Management Survey: A Panel Discussion, Nov 2020
Workforce Transformation & Risk: A SANS Survey, Dec 2019
LIVE STREAMS
Download notes from this live stream here.
BLOGS
5 Metrics to Start Measuring in Your Vulnerability Management ProgramVulnerability Management Maturity Model, Part I
Vulnerability Management Maturity Model, Part II
The Cyber Capability Development Centre (CCDC) Concept, May 2019
ADDITIONAL RESOURCES
CISA Know Exploited Vulnerabilities - CISA publishes a list of known exploited vulnerabilities that the federal government must remediate. If it is on this list you should ensure your organization has mitigated it
2021 Top Routinely Exploited Vulnerabilities - A joint security bulletin coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom lists the top 15 exploited vulnerabilities in 2021
Cybersecurity and Infrastructure Security Agency’s Binding Operational Directive 22-01
SANS COURSES
MGT516: Managing Vulnerabilities: Enterprise & Cloud
MGT516 helps you think strategically about vulnerability management in order to mature your organization's program, but it also provides tactical guidance to help you overcome common challenges. By understanding and discussing solutions to typical issues that many organizations face across both traditional and cloud operating environments, you will be better prepared to meet the challenges of today and tomorrow. The Cyber42 game that forms part of the course puts students in the driver's seat for the fictional Everything Corporation ("E-Corp") and allows them to select certain initiatives that will mature E-Corp's VM program. Students will also need to choose how to respond to 13 realistic events that are sure to have an impact on their program. Depending on how students respond, E-Corp's security culture and the maturity of the different components of its VM program will be impacted. These tabletop exercises will enable students to put the skills they are learning into practice when they return to work at their own organizations.SEC460: Enterprise & Cloud: Threat Vulnerability Assessment
SEC460 will help you build your technical vulnerability assessment skills and techniques using time-tested, practical approaches to ensure true value across the enterprise. Throughout the course you will use real industry-standard security tools for vulnerability assessment, management, and mitigation; learn a holistic vulnerability assessment methodology while focusing on challenges faced in a large enterprise; and practice on a full-scale enterprise range chock-full of target machines representative of an enterprise environment, leveraging production-ready tools and a proven testing methodology. SEC460 takes you beyond the checklist and gives you a tour of attackers' perspectives that is crucial to discovering where they will strike.Comparison of MGT516 vs SEC460
MGT516 - STRATEGY | SEC460 - SCABILITY | |
POSITIONING | Prepares you to strategically build and mature a vulnerability management program that is inline with overall business objectives, risks, and culture. | Teaches threat and vulnerability management assessment from the attackers' perspective. |
WHO | Security Managers Security Architects CISOs Team Leads Operations Directors and Managers Auditors | Vulnerability Assessors Security Analysts Sys Admins Red Teamers Pen Testers |
WHAT | How we solve for a vulnerability management life-cycle, holistically from identification through remediation while considering the overall business strategy by utilizing the PIACT model (Prepare, Identify, Analyze, Communicate, Treat) | Understanding the environment & the threat landscape to identify vulnerabilities & determine the optimal, scalable solutions for the enterprise. |
WHY | Overarching strategy to implement or improve vulnerability management while considering limited resources of time, money, and personnel. | Focuses on preparing security personnel to effectively & efficiently secure systems for mid-sized to large organizations. |
SPECIFIC TASKS / SKILL SETS | Create, implement & mature Vulnerability Management program Establish secure & defensible enterprise & cloud environment Build accurate and useful inventory of IT assets Identify existing vulnerabilities and how to meaningfully use this info Make data more actionable Prioritize vulnerabilities Effectively report & communicate vulnerability data within the organization up to C-level Understand treatment capabilities & better engage with treatment teams Make Vulnerability Management more engaging | Learn how to conduct vulnerability assessments Develop vulnerability discovery, management, and remediation plans Threat intelligence gathering Vulnerability assessment tool configuration and management Conduct infrastructure vulnerability enumeration at scale across numerous network segments Manage large vulnerability datasets and perform risk calculation OSINT gathering Active and Passive Reconnaissance Web application scanning |
