
Patch or Risk Being Breached: Tenable.io and the Verizon 2017 DBIR

According to the 2017 Verizon Data Breach Investigations Report (DBIR), time to patch plays a critical role in the risk exposure to your network. The DBIR states (page 13) “research has shown that vulnerabilities are either patched during that initial cycle or tend to hang around for a long time,” meaning that if you don’t patch early and often, then patches don’t get applied and you are at risk of a breach or ransomware attack. Have you implemented the right mitigating controls or has your organization ignored the possible impact of not patching a system? Tenable.io™ can help you understand your current risk exposure by monitoring the time taken to patch vulnerabilities.


Attackers continue to be successful due to unpatched applications

When discussing risk mitigation strategies I often hear, “The patching process is just one part of our overall security strategy.” In some cases, organizations allow patching to take a backseat to focus on other efforts. The DBIR offers potential justifications (page 13) for organizations failing to patch, “that other controls are in place, or the vulnerabilities may not be exploitable.” Security operations teams may tend to focus more on managing devices that restrict access, including firewalls, intrusion prevention and detection systems. While keeping an unwanted visitor out of your environment is important, patching is critical. Breaches occur when an attacker is given the opportunity to exploit existing vulnerabilities and gain a greater foothold within your organization.

Practicing good patch management is critical in maintaining a secure environment

Today’s environments are no longer defined by clear boundaries, and access to information is harder to control using traditional methods. Patching applications such as web browsers remains a critical effort. The DBIR (page 41) advises to “Prioritize patching vulnerabilities associated with browser exploitation. This includes the browser software, but also plug-ins.” Likewise, remote devices and/or mobile employees potentially increase risk to your network, as they can leave the protective confines of the network and should be patched appropriately.

Poor security results in organizational cost increases

Since 2008, the Verizon DBIR has provided organizations with insight into managing their risk and avoiding cybersecurity pitfalls. Over the years, we have seen a disturbing trend: exploitation of vulnerabilities for which patches had been available for at least six months prior to the attacks has skyrocketed. This pattern can easily be broken by timely patch management programs.

For example, according to the DBIR (page 68), “In September, Yahoo announced a data breach from 2014 that compromised the accounts of 500 million.” The Yahoo data breach was made possible by exploiting an unpatched vulnerability in an Account Management Tool. The exploit eventually led to executive resignations and a loss of $350 million of revenue in a buyout offer. These types of attacks can also result in a tarnished reputation. All these consequences are the result of patch management not being practiced on a regular and timely basis.

Tenable.io solutions

Your organization’s patching process should focus on coverage and consistency. Patching efforts should also be aligned with other important parts of your cybersecurity program, such as firewalls, IDS and other defenses. Tenable.io offers several options to support your patch management program.

At the center of Tenable.io is the Vulnerability Workbench. You can view the cumulative vulnerability data here. You can also use the Advanced Search filters to quickly and easily display details of currently missing patches and other vulnerabilities.

Tenable.io Vulnerability Workbench

From the vulnerability workbench, select Advanced on the top navigation bar to access the Advanced Search window.

Vulnerability Workbench Advanced Search

Set the filter to Patch Publication Date and select a time, such as earlier than today’s date.

Vulnerability Workbench Patch Filters

Applying this filter will change the workbench data results (see the next image). You can use this display as a discussion point with administrators and executives. You can also quickly identify the number and severities of the missing patches and available exploits. The trend graph indicates if missing patch counts are increasing or decreasing, and reports how many patches are over 30 days old.

Vulnerability Workbench data results

You are not limited to viewing vulnerability data by Plugin on the Workbench. When asked what types of assets are missing patches, click on the By Assets tab.

Vulnerability Workbench By Assets tab

This Workbench tab displays ring charts that indicate which operating systems and device types are missing patches.

Vulnerability Workbench with missing patches
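
The figures these Workbench views report (missing patches by severity, exploit availability, patches over 30 days old, and counts per asset) can also be computed from any vulnerability export. The following is an added example, not Tenable code; the CSV column names and sample rows are constructed for illustration and are assumptions, not Tenable.io's export schema.

```python
import csv
import io
from collections import Counter
from datetime import date

# Constructed sample export. Column names are assumptions, not a Tenable.io schema.
SAMPLE_CSV = """asset,plugin,severity,patch_published,exploit_available
web01,Browser update missing,critical,2017-01-10,yes
web01,OS cumulative update missing,high,2017-04-25,no
hr-laptop7,Browser plug-in update missing,high,2016-09-02,yes
db02,Database patch missing,medium,2017-05-08,no
db02,OS cumulative update missing,high,2017-04-25,no
app03,Framework update missing,low,2017-05-20,no
"""

def summarize_missing_patches(csv_text, as_of, threshold_days=30):
    """Summarize missing patches whose patch was published before `as_of`."""
    by_severity, by_asset = Counter(), Counter()
    total = over_threshold = exploitable = 0
    oldest = None  # (age_in_days, asset, plugin)
    for row in csv.DictReader(io.StringIO(csv_text)):
        published = date.fromisoformat(row["patch_published"])
        if published >= as_of:
            continue  # mirrors the "earlier than today's date" filter
        age = (as_of - published).days
        total += 1
        by_severity[row["severity"]] += 1
        by_asset[row["asset"]] += 1
        if age > threshold_days:
            over_threshold += 1  # patch has been available longer than the threshold
        if row["exploit_available"].strip().lower() == "yes":
            exploitable += 1
        if oldest is None or age > oldest[0]:
            oldest = (age, row["asset"], row["plugin"])
    return {
        "total": total,
        "by_severity": dict(by_severity),
        "by_asset": dict(by_asset),
        "over_threshold": over_threshold,
        "exploitable": exploitable,
        "oldest": oldest,
    }

if __name__ == "__main__":
    report = summarize_missing_patches(SAMPLE_CSV, as_of=date(2017, 5, 15))
    for key, value in report.items():
        print(f"{key}: {value}")
```
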

The Outstanding Patch Tracking dashboard and corresponding report provide easy to understand metrics that can be communicated to anyone in your organization.

Outstanding Patch Tracking dashboard

Tenable.io uses these visual tools to provide insight into the risk exposure of your organization. The vulnerability data enables you to calculate projected costs per vulnerability associated with missing patches, and assists in managing risk. Use this information to effectively discuss the risk potential of delayed patch deployment and its impact on the business with executives.


For more information

Whether you are communicating up the chain, to peers or to your team, Tenable.io provides key analytics to help you address your risk mitigation tasks and to track progress.

Interested in learning more about Tenable.io?
