AppCheck – Vulnerability Management
With the attack surface widening and cyber criminals crafting more sophisticated ways of breaching businesses, doing the basics of cyber security has never been more important. Security posture should be an ever-evolving state: regardless of the size of your business, you should be practicing posture-hardening tactics and consistently developing your security strategy to keep up with the changing attack landscape.
The foundations of a good security posture involve some core components that are needed to continue day-to-day activities as a business, knowing that you have done what is possible with the resources and budgets that you have available.
When we talk about the foundations of a good security posture, it starts with core technology areas that are combined with compliance and best-practice guidelines. There are plenty of advanced technology areas that can be bolted on, but these should be considered carefully: they are expensive and require dedicated security analysts to analyse and correlate the threat information, and they can become expensive paperweights if not executed correctly. Other areas of security, such as DAG (Data Access Governance) and FIM (File Integrity Monitoring), are considered far more advanced, but businesses simply can't deploy their whole roadmap in one year. You need to pick your battles and align with evolving budget plans and cycles.
Vulnerability Scanning & Management
Penetration Testing
IAM (Identity Access Management)
MFA (Multi-factor Authentication)
PAM (Privilege Access Management)
EDR (Endpoint Detection & Response)
NDR (Network Detection & Response)
NGFW (Next Generation Firewall)
DLP (Data Loss Prevention)
NAC (Network Access Control)
Email Security & Phishing Defense
Security Awareness Training
Threat Detection & Monitoring
Everyone wants to talk about Zero Trust and SASE (Secure Access Service Edge), but Zero Trust should effectively start at the Identity, Governance and Federation layer, not just the Network layer. ZTNA (Zero Trust Network Access), in its simplest form, provides a number of authentication mechanisms to authenticate users to different parts of the network and application estate.
Vulnerability Scanning & Management tools are an extremely effective deterrent against the more typical types of cyber-attack. MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a guideline for classifying and describing cyberattacks and intrusions. TTPs (Tactics, Techniques and Processes) are used to define typical types of attack and the strategy used in the malicious attack.
There is a particular type of attack in which cyber criminals use VA scanning tools to assess the potential threat surface and then seek to exploit all known attack vectors. Vulnerability scans typically check whether the configuration of a target host or application (firmware and version) potentially aligns with the target of a specific exploit the adversary may seek to use.
These scans may also include broader attempts to gather victim host information that can be used to identify more commonly known, exploitable vulnerabilities. Vulnerability scans typically harvest running software and version numbers via server banners, listening ports, or other network artifacts. Information from these scans may reveal opportunities for other forms of reconnaissance (Search Open Websites/Domains or Search Open Technical Databases), establishing operational resources (develop capabilities or obtain capabilities), and/or initial access (Exploit Public-Facing Application).
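Because these scans read software and version numbers from server banners, a useful hardening check is to see what your own banners give away. The following is an added example, not code from the original page or from AppCheck; the hosts and banners are constructed and the function names are hypothetical.

```python
import re

# Product, separator, dotted version: Apache/2.4.41, OpenSSH_8.2p1, vsFTPd 3.0.3
PRODUCT_VERSION = re.compile(r"([A-Za-z][A-Za-z-]*)[/_ ]v?(\d+(?:\.\d+)+\w*)")
OS_HINT = re.compile(r"\b(Ubuntu|Debian|CentOS|FreeBSD|Win32|Win64)\b")

# Settings that trim the banner for products that appear in the sample data.
HARDENING = {
    "apache": "ServerTokens Prod",
    "vsftpd": "ftpd_banner=<site text>",
}

# Constructed sample: banners collected from hosts you are responsible for.
SAMPLE_BANNERS = [
    ("10.0.0.5", 22, "SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.5"),
    ("10.0.0.5", 80, "Server: Apache/2.4.41 (Ubuntu)"),
    ("10.0.0.6", 443, "Server: nginx"),
    ("10.0.0.7", 25, "220 mail.example.test ESMTP Postfix"),
    ("10.0.0.8", 21, "220 (vsFTPd 3.0.3)"),
]

def audit_banner(banner):
    """Return (software_versions, os_hints) disclosed by one banner line."""
    text = banner.strip()
    if text.startswith("SSH-"):
        # RFC 4253: SSH-protoversion-softwareversion [SP comments]
        parts = text.split("-", 2)
        text = parts[2] if len(parts) == 3 else ""
    elif text.lower().startswith("server:"):
        text = text.split(":", 1)[1]
    software = PRODUCT_VERSION.findall(text)
    os_hints = sorted(set(OS_HINT.findall(text)))
    return software, os_hints

def audit_hosts(banners):
    """List every service whose banner reveals a product version or OS."""
    findings = []
    for host, port, banner in banners:
        software, os_hints = audit_banner(banner)
        if not software and not os_hints:
            continue  # nothing version-specific for a scan to match on
        fixes = [HARDENING[p.lower()] for p, _ in software if p.lower() in HARDENING]
        findings.append({"host": host, "port": port, "os": os_hints, "fix": fixes,
                         "software": [f"{p} {v}" for p, v in software]})
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_BANNERS):
        print(finding)
```

Banners that name only the product, such as the nginx and Postfix samples, are not reported because they carry no version for a scan to match against a known vulnerability.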