Last updated at Fri, 10 Nov 2023 19:54:01 GMT
It’s that time of year again, when people start making personal resolutions to better themselves in the new year. We think that’s great, but why not make some resolutions to improve your organization’s vulnerability risk management (VRM), too?
Here are seven resolutions we think any security professional should be making this year:
1. Start tracking your patching system performance with SLAs
Service-level agreements (SLAs) show you how effective your security program truly is. SLAs also measure the health of your vulnerability risk management program against measurable KPIs and defined metrics. The Goals & SLAs feature in InsightVM, Rapid7’s vulnerability risk management solution, helps security teams define these metrics so you can set goals and track measurable progress, whether it’s for teams or individuals. Plus, the feature allows you to receive alerts when goals are achieved or missed. By enabling collaboration and influencing peers in IT and development, security professionals using InsightVM’s Goals & SLAs feature can achieve a more efficient vulnerability risk management process.
2. Stop relying on CVSS scores alone to prioritize risk
The Common Vulnerability Scoring System (CVSS) is a nice framework for assessing risk in your environment, but these scores don’t give you the full story. You should be using a risk score that factors in not just CVSS, but also malware and exploit exposure, vulnerability age, and exploitability. Each of these play a role in the likelihood of an attacker taking advantage of a vulnerability. Furthermore, you’ll want to factor in your unique business context. Not all assets in your environment are created equal. For instance, a server that hosts your organization’s customer data is probably ranked as more important than a single employee’s laptop.
InsightVM addresses all of these factors, including threats that the CVSS score doesn’t address, through the Metasploit Framework and Exploit DB. Plus, InsightVM factors in business context with asset criticality tagging, which goes much further than a CVSS score to help you rank risks in your environment.
3. Stop spending time on mundane and repetitive tasks
It’s time to start leveraging your people and resources more efficiently by streamlining remediation processes. InsightVM offers automation capabilities like Automation-Assisted Patching and Automated Containment to take these time-consuming and tedious tasks away from your team members, allowing them to focus on more interesting and strategic tasks.
4. Start thinking of your security program as a whole when it comes to choosing security solutions.
Face it: Security is too complex to rely on point solutions. You need to create a solution for your security program as a whole rather than piecemeal solutions that don’t address the entire security picture.
At Rapid7, we partner with our customers to achieve their overall security goals—not just those specific to VRM—while offering a simpler, unified line of sight across best-of-breed solutions with the Insight Cloud.
Our universal Insight Agent works across product lines to collect data throughout the IT environment. Your security team can use the Insight Agent’s unified data collection to collaborate in monitoring and analyzing shared data, whether they’re using InsightVM or Rapid7’s cloud-based SIEM, InsightIDR.
5. Start impressing your boss with reporting that actually matters
Make this the year that you tailor your reports to your audience. You shouldn’t be giving your leadership or board members the same report you generate for your technical teams—there’s no way they’ll get the same information from the report, and they may not be impressed with a less-than-compelling story.
The Executive Summary Report in InsightVM was designed with executives in mind and provides a monthly curated assessment of your organization’s vulnerability risk management program. This report allows you to easily see your remediation efforts in one place so you can compare data from current and previous reporting periods. The report also includes easy-to-read visuals, graphs, and explanations.
6. Take a closer look at your cloud environment and make sure it’s secure
You can’t leave it in the hands of your cloud provider to protect your cloud assets. The shared responsibility model in cloud security is a framework dictating that cloud computing security obligations have to be shared between the cloud provider and the user to ensure accountability. You need a VRM solution to secure your cloud assets and infrastructure,regardless of which cloud provider(s) you are working with. InsightVM provides full visibility of your cloud and virtual environment with direct integrations with AWS, Azure, VMware, DHCP, Active Directory, and more.
7. Start integrating your security solutions with your existing tech stack
Security solutions can’t just sit on top of your tech stack—they need to be extensible and integrated in order to fully function. Your security stack needs to be more powerful than the sum of its parts. Being able to integrate, orchestrate, and automate the tools and processes across your tech stack will simplify your workload and enable you to work with the tools you consider to be best-of-breed.
InsightVM integrates with ticketing systems like Jira and ServiceNow so your security tasks can automatically be part of your overall tech activities. The solution also integrates with patch management tools like BigFix and SCCM, as well as credential management tools like CyberArk. Integrating your VRM with the rest of your technology will ensure your remediation tasks are part of the core of your business function, rather than an afterthought.