Last updated at Mon, 01 Aug 2022 21:20:17 GMT
Think of an endeavor in your life where your success is entirely dependent on the success of others. What’s the first example that comes to mind? It’s common in team sports – a quarterback and a wide receiver, a fullback and their goalie, an equestrian and their horse.
What if you narrow the scope to endeavors or activities at work? A little more difficult, right? A large project is an easy candidate, but those are generally distributed across many people over a long time period, which allows for mitigation and planning.
For those that make a living in cybersecurity, the example that immediately comes to mind is vulnerability management (VM). VM, which really falls under the heading of risk management, requires deft handling of executive communications, sometimes blurred to abstract away the tedious numbers and present a risk statement. At the same time, judicious management of vulnerability instances and non-compliant configurations that exceed organization thresholds – i.e., all the numbers – requires very detailed and often painstaking focus on the minutiae of a VM program. Then, layer in the need for situational awareness to answer context-specific questions like, “Are we vulnerable, and if so, do we need to act immediately?" or “Why did the security patch fail on only 37 of the 2184 target systems?" It becomes glaringly apparent that communication and alignment among all stakeholders – security team, IT operations, and business leadership – are paramount to achieve “dependent” success.
Based on customer feedback and directional input, we’re pleased to release two updates that are aimed at not only improving VM program success but also reducing the effort to get you there.
Remediation Project progress [released]
In what may be the most exciting and warmly received update for some, we are releasing a new method to calculate and display progress for Remediation Projects. Historically, credit for patching and subsequent reporting of "percent complete" toward closing any one Remediation Project was only given when all affected assets for a single solution were remediated. So we’ve updated the calculation to account for "partial" credit. Now, remediation teams will see incremental progress as individual assets for specific solutions (i.e. patches) are applied. This is a much more accurate representation of the work and effort invested. It is also a much more precise indication of what additional effort is needed to close out the last few pesky hosts that have so far resisted your best remediation efforts.
For some, the scope and scale of risk management in the world of VM has outgrown original designs – more assets, more vulns. We’ve acted on the sage wisdom of many who have suggested such an update and made that available in Version 6.6.150.
This update will affect all (current and future) Remediation Projects, so we encourage teams to leverage this blog post to share the details behind this release as a heads-up and possibly improve relations with your teammates. It’s only by partnering and aligning on the effort involved that this “success dependency” becomes a power-up, rather than a power drain.
Remediator Export [released]
I am particularly excited about this seemingly minor but mighty update, because I can remember having to script around or find automation to stitch together different source documents to produce what we have elected to refer to as a Remediator Export. The number of stakeholders and the diversity of teams involved in modern VM programs necessitate on-demand access to the supporting data and associated context. This export is for – you guessed it – the teams that have the heaviest lift in any VM program: the folks that push patches, update configs, apply mitigating controls, and are usually involved in all the necessary testing – the Remediators. Whether the catalyst for such a detailed export (26 data fields in all) is to troubleshoot a failed install or to simply have more direct access to vulnerability proof data, the Remediator Export will offer improvements for nearly every remediation team.
You can access this upcoming solution based export from any Remediation Project peek panel. The Export to CSV dropdown now has an additional option that includes the data fields cited above and helps meet team’s needs where they are today.
The Remediator CSV file is accessible to anyone with permission to Remediation Projects, Goals, and SLAs and carries the following naming convention: "Project-Name_Solution-UUID.csv." We are already thinking about options to provide similar capability at the Remediation Project level.
Additional reading:
- How to Build and Enable a Cyber Target Operating Model
- The Hidden Harm of Silent Patches
- Maximize Your VM Investment: Fix Vulnerabilities Faster With Automox + Rapid7
- How to Strategically Scale Vendor Management and Supply Chain Security