Vulnerability Management is like a Hydra, chop off one head and two more grow back. It is impossible to keep up. How do you prioritize? How can you get ahead? Maybe “ahead” is too ambitious - but what about drastically reducing risk? One way to make an impact is with attack path mapping. Allowing VM teams to quickly identify the weak device in the chain on how an attacker could move laterally to the so-called “Crown Jewels.” In this session, users will learn the best practices on how to ingest router and firewall data for better attack path mapping and how to quickly break the chain in the attack path, allowing you to sever the head of the Hydra.
3. S O F T W A R E
A P P L I C AT I O N S
D E V I C E S
V U L N E R A B I L I T I E S
&
E X P L O I T S
AT TA C K
S U R FA C E
&
R I S K
The
Problem
4. AT TA C K
S U R FA C E R E A L
B U S I N E S S
R I S K
S E C U R I T Y
P O S T U R E
The
Goal
5. A
C O M M O N
S I T U AT I O N
• Scan
and
patch
all
vulnerabilities
(not
possible)
• Limited
prioritization
methods
• No
accommodation
for
complex
networks
W H AT
S H O U L D
B E
D O N E
I N S T E A D
Change
the
Conversation
• Consolidate
and
prioritize
vulnerabilities
• Leverage
vulnerability
context
• Understand
attackers
• Run
attack
simulations
• Map
attack
paths
• Focus
critical
assets
6. Vulnerabilities
identified
by
a
scanner
show
an
overload
of
data.
These
are
identified
as
Credit
Card
Risk
based
on
asset
tag.
Vulnerability
Prioritization
Scan
Results
Contribute
to
Data
Overload
7. Matched
against
exploitable
vulnerabilities
from
multiple
sources,
the
scope
decreases
dramatically,
resulting
in
a
reduced
amount
of
vulnerabilities
Vulnerability
Prioritization
Match
and
Prioritize
Exploits
5,000 ê58%
8. Vulnerabilities
are
further
prioritized
based
on
attack
path
simulation,
using
asset
data,
network
data,
vulnerability
context,
and
exploits.
Vulnerability
Prioritization
Attack
Path
Simulation
and
Validation
80 ê98%