What Are Their Vulnerabilities? A SANS Continuous Monitoring Survey

  • Wednesday, 28 Oct 2015 1:00PM EDT (28 Oct 2015 17:00 UTC)
  • Speakers: David Hoelzer, Javvad Malik, Arabella Hallawell, Mark Painter, Ted Gary

Continuous monitoring is growing in use, according to the 2014 SANS Survey on the Critical Security Controls. In it, 58% of respondents had partially implemented and 28% had fully implemented Control Number 4: Continuous Vulnerability Assessment and Remediation. In actuality, this control is not the only one that speaks to the need for continuous monitoring: Controls 1 and 2 (inventory of authorized and unauthorized devices and software) also fall under their continuous monitoring programs, as do secure configurations (Control 3), which were the top three controls that had been partially or fully implemented in our 2014 survey.

In this webcast, SANS Fellow Instructor David Hoelzer will examine the most commonly found vulnerabilities and ask how they're being discovered, patched and centrally-managed throughout the system's life cycle. Attend this webcast and learn best practices and advice from peers who've implemented or attempted to implement continuous monitoring, including:

  • How far are IT organizations in automating and integrating vulnerability assessment and remediation functions?
  • What level of improvements are they gaining from the programs they have in place?
  • Do those improvements fall short of their target objectives and if so, what's holding them back?
  • What do vendors and IT operators need to do to improve and automate their assessment, monitoring and remediation functions?

Be among the first to receive the associated whitepaper written by David Hoelzer.

View the associated whitepaper here.