Recorded Future - How to Patch the Vulnerabilities That Really Matter to Your Organization

Vulnerability management is a lot like playing whack-a-mole. Every time you patch one vulnerability, two new ones pop up in its place. And threat actors only need one opportunity to get inside your network and cause devastating harm.

CVSS Scores No Longer Cut It

There were more than 17,000 new vulnerabilities in 2019, and that number increases every year. The Common Vulnerability Scoring System, or CVSS, is the most common score vulnerability management teams use when prioritizing what to patch first. But over 60% of vulnerabilities from 2019 are rated CVSS critical or high, giving vulnerability management teams an enormous backlog of vulnerabilities to patch quickly.

Using CVSS to prioritize vulnerabilities without context doesn’t really make sense. CVSS doesn’t measure risk; it only measures severity. This helps you understand how severe an incident might be if a vulnerability were to be exploited, but it gives you zero insight into how likely the vulnerability is to be exploited at your company.

CVE-2018-20250, for example, has a CVSS 2.0 score of 6.8, putting it at medium severity. Yet CVE-2018-20250 was one of the top 10 most exploited vulnerabilities in 2019. It should absolutely be at the top of your prioritization queue.

Not All Vulnerabilities Are Equal

The truth of that matter is, only 5.5% of vulnerabilities are actually exploited in the wild. That means security and IT teams are wasting far too much valuable time remediating low-risk vulnerabilities. That time should be spent focusing patching vulnerabilities that are likely to be exploited soon. But vulnerability management professionals often lack the visibility they need to make smart prioritization decisions.

Adding to the trouble, adversaries are getting faster. Today, it only takes about 15 days for an exploit to appear in the wild once a vulnerability is identified. So, even though not all vulnerabilities are exploited, it happens quickly for the ones that are.

Vulnerability management teams need to be able to keep up. To quickly reduce the most possible risk, security teams need external context that empowers them to prioritize based on the likelihood of vulnerability exploitation — not just the severity.

Security Intelligence for Risk-Based Vulnerability Prioritization

Security intelligence makes vulnerability management teams far more effective. It uses real-time data to score vulnerabilities based on exploitability and delivers the context you need to prioritize patches that matter most and prevent attacks.

Vulnerability intelligence from Recorded Future empowers you to stay a step ahead of your adversaries with temporal risk scoring that surfaces the most actively dangerous vulnerabilities. Automatically detect reporting of new observables — including vulnerabilities, exploits, proof of concept code, exposed company assets, and threat actors targeting organizations and industries.

Knowing what has been exploited in the past is a great first step, but knowing what has been observed in the wild recently is significantly better. Some vulnerabilities trend for a moment, while others, especially Microsoft vulnerabilities, stick around for years as a core component of an attacker’s arsenal.

Learn More About Vulnerability Intelligence

For more on how Recorded Future’s Vulnerability Intelligence Module enhances your overall security program, watch the short on-demand webinar, “Disrupt Adversaries with Vulnerability Intelligence,” right now.

The post How to Patch the Vulnerabilities That Really Matter to Your Organization appeared first on Recorded Future.



from Recorded Future https://www.recordedfuture.com/vulnerability-intelligence-module-overview/

Comments

Post a Comment

Popular posts from this blog

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Image
Eric Howes , KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: " If you work in IT there has undoubtedly come a dark moment when you wondered to yourself just who among your employee users would be gullible enough to click through a phishing email and potentially bring down your organization. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-users-add-their-names-to-a-wall-of-shame
Read more

Krebs - NY Charges First American Financial for Massive Data Leak

Image
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties. First American Financial Corp. Santa Ana, Calif.-based  First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2 billion in 2019 . As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. The docum
Read more

SBS CyberSecurity - In The Wild 166

Image
  In The Wild - CyberSecurity Newsletter Welcome to the 166 th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. CyberRiskNOW Virtual Conference SBS Educational Resources This virtual conference is designed to provide interactive training on evo
Read more