Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Vulnerability Management in Government: Visibility Plus Context

Vulnerability management is an essential part of government cybersecurity. It requires not only continuous monitoring and visibility to spot vulnerabilities, but also the context needed to prioritize vulnerabilities based on risk so agencies can take effective action to eliminate, patch or mitigate.

Successful coaches know that a winning team must be able to execute on the fundamentals. The same holds true for government cybersecurity. The best talent and technology by themselves cannot ensure the security of an agency’s enterprise without a focus on the basics.

Vulnerability management is fundamental to government cybersecurity

Vulnerability management is fundamental to government cybersecurity. It is essential to good cybersecurity hygiene and a basic element of your agency’s risk management. It requires not only that you identify vulnerabilities, but also prioritize them so that they can be effectively eliminated, patched or mitigated. This requires not only visibility, but also context. Tenable, already the most widely deployed security solution for discovering what and who is on your network, can also provide the context and communication you need for fully effective vulnerability management.

Risk

According to the latest 2016 Data Breach Investigations Report from Verizon, the median time to exploit a newly identified vulnerability is about 30 days, and the top 10 vulnerabilities account for about 85 percent of successful exploits. This provides agencies with a reasonable window to patch or mitigate the most troublesome vulnerabilities in their systems. But there are another 900 Common Vulnerabilities and Exposures (CVE) that are being targeted by the remaining 15 percent of exploits.

Add to this the fact that your networks are dynamic, with new hardware and software continually coming online and increasingly mobile users accessing your resources remotely, and it becomes clear that managing vulnerabilities must be a continuous process.

A vulnerability management program can’t be effective if it manages only some of your agency’s assets

A vulnerability management program can’t be effective if it manages only some—or even most—of your agency’s assets. It must detect new and hidden (or shadow) devices and applications, as well as transient end devices such as laptops and mobile devices. These unknowns, including cloud assets, must be identified, their status and configuration discovered, and then managed on an ongoing basis.

Management

Anyone who has updated, patched or mitigated vulnerabilities knows that this is not a trivial task. All changes must be vetted to ensure that they do not interfere with vital government missions. Devices that are not permanently part of the network must be managed when they show up—all while dealing with the addition of new software and hardware. This means that vulnerability management must be prioritized. If you can’t eliminate all vulnerabilities, you have to focus on the most important ones.

If you can’t eliminate all vulnerabilities, you have to focus on the most important ones

Which vulnerabilities are most important depends on the level of risk they represent, and this will vary from agency to agency. It depends on the likelihood that a vulnerability will be exploited, and the potential impact. So you not only need to spot the vulnerability, you must also know something about it and the system where it lives.

Relevant information must be made available to public sector stakeholders, including the security team, IT operations, asset owners, and executive-level management.

Visibility plus context

Tenable Network Security provides the visibility and critical context needed to move your agency beyond vulnerability scanning to effective vulnerability management. Tenable’s passive traffic and event monitoring detect and monitor services and applications in use, even in cloud and virtualized environments.

SecurityCenter™ is a comprehensive solution that provides not only discovery, but also analysis and a variety of customizable dashboards, reports and Assurance Report Cards™ so that stakeholders get the information they need. It combines technology with people, with a research team that provides daily content updates.

SecurityCenter provides:

  • Broadest coverage of CVEs
  • Powerful communication
  • Easy integration with third-party solutions
  • Support from Tenable’s world-class team of researchers

The government vulnerability management life cycle includes continuous monitoring, analysis and response. By providing full-cycle vulnerability management, Tenable is ready to help your agency create a successful vulnerability management program.

Check out these resources for more information on vulnerability management:

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training