Week 9: Vulnerability Management

Vulnerability Management Lifecycle - Cymulate 

 Vulnerability management is a continuous process that identifies, evaluates, treats, and reports security vulnerabilities across systems and software. It helps reduce the attack surface and ensure compliance. The process includes asset discovery, vulnerability scanning, risk prioritization, remediation, and verification. Automation and risk-based tools enhance its efficiency, making it essential for modern cybersecurity strategies.

Key Stages (Lifecycle)

  1. Asset Discovery
    Identify and catalog all IT assets—servers, endpoints, apps, networks—which forms the foundation for vulnerability scanning.

  2. Vulnerability Scanning
    Use automated tools to detect known flaws such as misconfigurations, open ports, and out-of-date software across the infrastructure .

  3. Prioritization & Risk Rating
    Assign risk levels (e.g., CVSS scores, severity ratings) based on likelihood, business impact, exploitability, and compliance requirements..

  4. Remediation & Mitigation
    Apply patches, adjust configurations, use compensating controls, or accept low-risk vulnerabilities; remediation workflows guide these actions.

  5. Verification (Reassessment)
    Re-scan and monitor systems post-remediation to confirm issues have been resolved and to detect new vulnerabilities.

  6. Reporting & Compliance
    Maintain dashboards, compliance mappings, and audit trails to track progress, performance metrics, and align with regulatory standards .

    Core Objectives

  7. Shrink the attack surface by proactively identifying and resolving vulnerabilities.

  8. Boost security posture through regular scanning, prioritized remediation, and tracking via dashboards.

  9. Meet regulatory requirements like HIPAA, PCI‑DSS, and others requiring vulnerability management capabilities. 

    Vulnerability management isn’t a one-off initiative—it’s a cyclic process that adapts to evolving threats, changing infrastructure, and emerging risks. Staying ahead of attackers requires ongoing vigilance and refinement.  

    Resources:  https://www.techtarget.com/searchsecurity/definition/vulnerability-management 

Comments

Post a Comment

Popular posts from this blog

Week 4: Cyber Supply Chain Risk Management

Image
      Something I believe we will all will run into at some point Digital supply Chain. What is Digital supply chain? Digital supply chain protects the entire digital ecosystem involved in the movement of goods and information like raw materials leading to finished products. The aspect of supply chain security for digital systems are increasingly used to manage various aspects of the supply chain like order processing, payments and shipping. Cyber supply chain risk management is to identify what cyber risk exist within a chain and manage risks that occur since organizations no longer have control or visibility into the digital supply systems they are connected to. There are three main types of attack, Network, Software, and Hardware supply chain attacks. I won't go over all types of attack but I will talk about one that is the most common and that is Software supply chain attacks. Usually what happens is a vendor's network can be invaded by an attacker who can compromise ...
Read more

Week 3- Attackers Impersonate as Managed Devices

 A report was created that a high-severity vulnerability has been found in Cisco's Nexus Dashboard Fabric Controller which allows unauthenticated attackers to impersonate managed network devices through SSH connections that are compromised. Security researchers from REQON B.V. identified the flaw, which comes from insufficient SSH host key validation mechanisms within the NDFC infrastructure. The affected system fails to properly validate SSH host keys during connection, that allows malicious actors to conduct machine-in-the-middle attacks giving themselves the chance to position themselves between the NDFC controller and managed devices, potentially intercepting and manipulating network management traffic. Attackers that successfully exploit this vulnerability could create persistent backdoors within the managed network environment. Cisco has released software updates to address this vulnerability, with no available workarounds for affected systems. The fix implements enhances the...
Read more

Week 1- New Resource I found

 Something interesting I found was this cybersecurity news website that is like traditional news but shares information about threats and problems being faced in the Cyber Security field.   It covers things like: Data breaches Cybersecurity attacks all around the world Malware threats and updates   Tools and helpful cheat sheets    I found this website to be very useful as it gives us insight on what is happening in real-time and I like how it also gives us awareness on the situations going on all around the world.  https://thehackernews.com/ Another one similar to The Hacker News:   https://www.darkreading.com/   
Read more