Defense Through the Vulnerability Lifecycle

What’s the “right” security technology? One of the discussions we often have with customers and partners is how the different elements of Alert Logic’s security portfolio (such as intrusion detection, log management, web application firewalls, vulnerability scanning) provide different kinds of information or defense, and why most customers need a combination of them to meet their security goals. A useful framework for thinking about this is the vulnerability lifecycle, which illustrates the impact of a vulnerability as it “ages” through the lifecycle and how to identify and defend against exploits. When a vulnerability is first created – for example, through a coding error – the rate at which it’s exploited is low. Eventually, vulnerabilities are discovered, disclosed and patched – and it’s during this period that exploits become more common. In addition, the reality of patching is that it’s difficult to manage and therefore known but unpatched vulnerabilities can be found in the wild for months, creating an avenue for hackers to attack.

A comprehensive security strategy involves identifying vulnerabilities, defending against exploits that utilize them, and good management of assets to ensure that patches are applied. During each of these stages, different tools are more helpful – which is why there’s no silver bullet in IT security. A good resource for learning more about the vulnerability lifecycle is the SANS Institute white paper, “A Vulnerability Management Approach.” Alert Logic’s security suite includes technologies for all parts of this cycle. We’ve created a summary of how these technologies map to different parts of the vulnerability lifecycle – you can download it here. Whatever security solutions you implement, it’s important to understand which aspects of your threat environment they address. At Alert Logic, we’re always available to discuss your needs.