Cyber Defense eMagazine February Edition for 2023
Cyber Defense eMagazine February Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine February Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Old vulnerabilities are not being detected.<br />
<strong>Cyber</strong> Security Works found that between 2007 and 2021, scanners have not been detecting 68<br />
vulnerabilities. Of that group, 58 are old weaknesses. By comparing them to a database of known<br />
vulnerabilities, scanners are made to find weaknesses within a target. These well-known scanners<br />
continue to use obsolete datasets despite several CISA warnings, exposing crucial assets.<br />
Threat actors can easily benefit from these false-negative scanner results and the lengthy vulnerability<br />
disclosure schedule by finding exploits, eventually resulting in ransomware attacks against organizations<br />
and critical infrastructure.<br />
Taking a new approach: Risk-Based Vulnerability Management<br />
It is insufficient to rely on outdated detection and response tools, and successful tools should be<br />
measured by test methodology and how frequently its detection algorithm is updated. Organizations that<br />
use antiquated scanner systems are particularly at risk from ransomware attacks. Rather than solely<br />
relying on the results and severity ratings of scanners, we advise scanner users to adopt a threat- and<br />
risk-based strategy.<br />
Risk-Based Vulnerability Management aims to identify and remediate vulnerabilities that pose the<br />
greatest risk to an organization. Using this approach provides organizations with three surefire benefits.<br />
Quicker Decisions - By utilizing threat intelligence and threat-hunting tools, organizations can counter<br />
threat actors by making quicker, more educated, and data-driven security decisions. As a result, IT staff<br />
can take a more proactive approach to concentrate their time and resources on their environment's most<br />
pressing risks.<br />
Greater Visibility - Risk-based vulnerability management ensures that all assets are visible across the<br />
entire attack surface. This includes contemporary assets frequently not supported by legacy tools such<br />
as mobile devices and cloud-based applications.<br />
Team and System Alignment - It is crucial to maintain team and system alignment through project<br />
objectives and results; particularly when the highly sensitive security of an organization is involved.<br />
Vulnerability management seeks to specify processes and procedures <strong>for</strong> locating, prioritizing, and<br />
remediating vulnerabilities to preserve security alignment.<br />
A vulnerability scanner's dependability is defined by its testing techniques and how frequently its crawling<br />
algorithm is updated. Users are unaware they are exposed to cyber assaults utilizing hidden flaws since<br />
well-known scanners like Nessus, Nexpose, and Qualys can miss significant vulnerabilities.<br />
Organizations need to be aware of their asset inventory, including hardware, software, infrastructure,<br />
and third-party services. A security strategy utilizing continuous vulnerability scanning (VMaaS), Attack<br />
Surface Management (ASM), and Vulnerability Intelligence (VI) is needed to provide timely, contextual,<br />
and actionable insights <strong>for</strong> remediation.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>February</strong> <strong>2023</strong> <strong>Edition</strong> 115<br />
Copyright © <strong>2023</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.