Become a Vulnerability Management Guru in 10 Days

June 17, 2020 | 6 min read | Security Posture

Vulnerability management has become the cornerstone of cybersecurity programs, and is critical to maintaining a strong security posture. As security issues abound with rapidly changing attack surfaces and advancements in technology, vulnerability experts are now a must-have for infosec teams. They are on the front lines of securing weak spots and guiding security posture strategy for organizations.

Unfortunately, this skill set cannot actually be learned in 10 days. The path to becoming an expert in any area of cybersecurity is rigorous and not for the faint of heart. However, developing a solid knowledge base so you can understand your attack surface and its vulnerabilities is fairly simple. In fact, you might be able to do it in 10 days!

Day 1 – Software Patches

Become familiar with software patches and the most common softwares in your enterprise that require regular patching. Topping the list of these is Microsoft, who provides monthly “Patch Tuesday” reports. Do some research on CVSS scores to get a better idea of the factors affecting vulnerability severity.

Day 2 – Misconfigurations

Learn about common misconfigurations that are exploited by hackers. Attackers regularly probe enterprise environments, looking for systems that can be compromised due to misconfiguration, and then attack them directly or indirectly. A prevalent misconfiguration among enterprises is default accounts or passwords being used on business critical applications. Many enterprises also fail to disable debugging. This can show attackers error messages that reveal propagation methods.

Day 3 – Weak Credentials

Understand “the password problem” and what leading enterprises are doing to combat it.  Password strength is the most widely respected measure of cybersecurity, yet the password habits of many enterprise employees are abysmal. Hackers take advantage of this with password spraying attacks, where common passwords are tried on targeted user accounts. This technique is leveraged in 40% of Microsoft account compromises.

Day 4 – Phishing, Web & Ransomware

Know the most common phishing tactics and behaviors that put users at high-risk of being phished. 37.9% of people who don’t undergo cyber awareness training fail phishing tests, so large enterprises are almost sure to have users who get phished. Phishing can either take the form of manipulating a victim to share sensitive information or baiting them into clicking something that executes malicious code.

Day 5 – Trust Relationships

Learn which configurations have the highest likelihood of being exploited in a breach. Company networks are configured to enable collaboration and accessibility for employees. Attackers will exploit trust relationships between systems to move laterally across an organization’s network and create a major breach.

Day 6 – Compromised Credentials

A whopping 80% of breaches are due to compromised credentials. There are various methods attackerscan use to steal credentials that you should be aware of. Intercepting and extracting login info from unencrypted or incorrectly encrypted communications is one such method. Reuse and sharing of passwords by users across different systems also helps attackers to steal credentials.

Day 7 – Malicious Insiders

If an employee went rogue, do you know the level of damage they could do to the business? Become knowledgeable on the different privileges that users in your organization have and the controls in place to prevent exfiltration of sensitive data. It is also important to lay out a disaster recovery plan in the instance that a malicious insider impairs business critical systems.

Day 8 – Missing/Poor Encryption

Identify which systems need to have encrypted communications. Then, try to determine the level of encryption necessary for each. Many attackers will lie in wait after an initial breach and observe unencrypted communications, looking for login information or intel that allow them to impersonate a user or system.

Day 9 – Zero days and Unknown Methods

Zero day attacks are difficult to prepare for because there is no available fix. In these cases, attackers have discovered an exploitable bug that has not yet been reported to the software vendor. Study past zero day attacks and learn different tactics for mitigating the severity of these breaches.

Day 10 – Deploy Real-Time Technology

Balbix continuously analyzes the enterprise attack surface for all 9 types of vulnerabilities. It provides risk items prioritized by vulnerability severity and heatmaps to understand your most vulnerable areas from a business perspective. Request a demo to take a tour of the platform.