Vulnerability exploitation continues to be one of the most popular and effective methods of cyberattacks. And often it is not 0-Day or 1-Day vulnerabilities that are exploited, but even vulnerabilities that were published several years ago and for which patches have been available for a long time. Vulnerability management is one of the basic cybersecurity processes, but it is complicated by organizational confusion in various vulnerability registries and the fact that large companies may have a large number of installations different software that cannot be patched outside of agreed-upon technology windows. A particularly acute challenge in the current Russian reality is the lack of technical support from foreign vendors that have left and the inability to legally update imported software. The cyberattack surface is increasing both due to aging Western software and import-substituting domestic solutions that are piloted by organizations and actively developed by Russian vendors, sometimes failing to keep up with exploit creators. The widespread use of Open Source with its complex program dependencies also places more and demands on the seemingly simple and long-described vulnerability management process.
The conclusion is simple - without the use of automation tools it will be very difficult to manage the whole zoo of various imported and domestic software, to keep track of instances, to control versions, to install updates. Earlier we prepared an overview of the vulnerability assessment systems market, and today we offer an analytical comparison of Russian vulnerability management systems.
Read the full article here:
Analytical_comparison_vulner.pdf
Provided by CyberMedia portal
Read also...
