Paul Asadoorian and Jack Daniel present the "Vulnerabilities Exposed" webcast series, uncovering the most frustrating struggles in vulnerability management and presenting creative solutions.
Removing the Bucket
Whenever I look at a computer, network traffic, or software, I just can’t help but think about all the vulnerabilities I read about each week. I also think about the tools and techniques employed by attackers to successfully compromise systems. Sometimes I almost want to give up hope and throw in the towel. Sometimes I want to just put a bucket over my head and declare victory.
When I come to my senses, I realize that the defenders have a chance. We must be ready to face the challenges of securing today's networks. This is not going to be an easy journey, but it will be a rewarding one. You get out of something what you put into it, and that couldn't be more true when it comes to getting a handle on finding and fixing vulnerabilities and the processes of vulnerability management.
Webcast #1 - How to Reduce Your Patch Cycle
I really love the "Vulnerabilities Exposed" webcast series title, as it accurately describes the mission of security and how Tenable's products will help. Jack and I are producing a 4-part webcast series to explore several topics in depth. The foreground for our discussion is this: As we continue to adopt new technologies, vulnerabilities will have new places to hide.
To kick off the series, on August 27th at 2 pm EDT, Jack and I will speak to the patch cycle in "Reducing Your Patch Cycle to Less Than 5 Days". Is a 90-day patch cycle the best your organization can achieve?
In the webcast, Jack and I will dive into the challenges of vulnerability management and present solutions to help you fully leverage your vulnerability management process and reduce your patch cycle. We'll demonstrate how just one vulnerability, and associated exploit, can lead to certain disaster. Our solutions will include process recommendations and how to use Tenable’s products to improve the security and integrity of your IT infrastructure.
I know what you're all thinking: "That's impossible!," "My systems administrators would kill me for even thinking that," and "I will never patch everything so patch cycle duration is irrelevant." I welcome all those comments, but give us 45 minutes to explain ourselves, and then we'll have that conversation. If everyone's comments are still not addressed, you can type in your questions at the end of the webcast.
Exposing Yourself to Vulnerabilities
Several new technologies have provided some new and unique hiding places for vulnerabilities. In addition to "exposing" the patch cycle, Jack and I will cover the following topics on future webcasts in this series.
Virtualization - The ability to create new servers with the click of a button, pause them for later use, clone them easily, and host all your servers on just a few VMs is a lifesaver in today's IT world. However, this technology presents several unique security challenges which we will explore.
Mobile/BYOD - The scary thing about mobile and BYOD is it falls far outside traditional IT operations. It’s not a server, desktop, piece of software, virtual machine, or network device. It’s all those things put together, and often IT has little control. However, the threats are increasing with new malware and evil techniques being released frequently, allowing attackers to pluck the credentials right off the devices without much trouble.
Reporting & Communication - Once Jack and I have gone through the vulnerability discovery techniques, the ever-important step of reporting and communication must take place. With all of your newfound knowledge of uncovering vulnerabilities, we will arm you with new ways to keep the information flowing, in the right directions and to the right people.
Register for the “Vulnerabilities Exposed” Webcasts
We hope you can join us on August 27th at 2 pm EDT for the “exposing” patch cycle webcast. Register now!
You can view all of our webcasts and register for upcoming webcasts in the "Vulnerabilities Exposed" series on Tenable's webcast page.