ABOUT NETCOM LEARNING
NetCom Learning is an award-winning global leader in managed learning services, training and talent development.
Founded: 1998
Headquarters: New York City
Delivery Capability: Worldwide
CEO: Russel Sarder
• 100K+ professionals trained
• 14K+ corporate clients
• 3500 IT, Business & Soft Skills courses
• 96% of customers recommend us to others
• 8.6/9 instructor evaluations
• 20+ leading vendors recognitions
• Microsoft’s Worldwide training partner of the year
• 80% of the Fortune 100 trained
• Top 20 IT Training Company
Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com
© 1998-2022 NetCom Learning
AGENDA
Importance of threat data and intelligence
Introduction to vulnerability management activities
Common vulnerability assessment tools
Implementation of security measures
Q&A
WHY VULNERABILITY ASSESSMENT?
• A vulnerability assessment is designed to identify unpatched and exploitable vulnerabilities,
giving the organization the opportunity to remediate these deficiencies before they are
discovered by a bad actor.
• The evolving tools, tactics and procedures used by cybercriminals to breach networks mean that
it's important to regularly test your organization's cyber security.
• Vulnerability assessment helps to protect your organization by providing visibility of security
weaknesses and guidance to address them.
• It helps with greater security insights, ongoing risk management, and the ability to meet
regulatory obligations.
VULNERABILITY ASSESSMENT VS. VULNERABILITY MGMT.
• Vulnerability management is different from vulnerability assessment.
• Vulnerability management is an ongoing process, while a vulnerability assessment is a one-time evaluation of a host or network.
• Vulnerability assessment is part of the vulnerability management process, but not vice versa.
CYBER THREAT INTELLIGENCE
• Collection and analysis of information about threats and adversaries, and the drawing of patterns from it, to provide the ability to make decisions on preparedness, prevention and response against various cyber attacks.
• Identifies and mitigates various business risks by implementing various advanced and proactive defense strategies.
• CTI is collecting information about presumed attacks to understand the motive behind them and the approach they must follow, and analyzing this information to secure the IT infrastructure of an organization in advance.
From data to intelligence:
• Data: raw, huge, no context, unprocessed (structured/unstructured)
• Information: meaningful
• Intelligence: analyzed, interpreted, in-depth knowledge; supports decision making and response actions
IMPORTANCE OF THREAT DATA AND INTELLIGENCE
• Threat intelligence is data that is collected, processed, and analyzed to understand a threat actor’s
motives, targets, and attack behaviors.
• Threat intelligence enables us to make faster, more informed, data-backed security decisions and
change our behavior from reactive to proactive in the fight against threat actors.
• Threat intelligence is evidence-based knowledge about existing or emerging menaces or hazards to assets.
• Threat intelligence benefits organizations of all shapes and sizes by helping process threat data to
better understand their attackers, respond faster to incidents, and proactively get ahead of a
threat actor’s next move.
• Ensure you stay up to date with the often-overwhelming volume of threats, including methods,
vulnerabilities, targets and bad actors.
• Reducing risk
• Preventing financial loss
BENEFITS OF THREAT INTELLIGENCE
• Providing greater insights into cyber threats
• Preventing data loss by identifying the cause of data leakage
• Guiding incident response
• Conducting data analysis to identify exploitable data
• Helping conduct threat analysis and detect advanced threats
• Helping share threat information and spread awareness
• Identifying IOCs
• Discovering tactics, techniques and procedures (TTPs) for possible attacks
VULNERABILITY RESEARCH VS. VULNERABILITY ASSESSMENT
Vulnerability Research
• Discovering vulnerabilities and design flaws
• Vulnerabilities are classified based on:
  • Severity level: low, medium, high
  • Exploit range: local or remote
• An administrator needs vulnerability research to:
  • Gather information about security trends, threats and attacks
  • Gather information that helps to prevent security problems
  • Find weaknesses and alert the concerned person before a network attack
  • Know how to recover from a network attack
Vulnerability Assessment
• Examination of the ability of a system or application to withstand assault
• Vulnerability assessment may be used to:
  • Identify weaknesses that could be exploited
  • Predict the effectiveness of additional security measures in protecting information from attacks
VULNERABILITY SCORING SYSTEMS AND DATABASES
• Common Vulnerability Scoring System (CVSS)
  • CVSS provides an open framework for communicating the characteristics and impacts of IT vulnerabilities
  • Its quantitative model ensures repeatable accurate measurement, while enabling users to view the underlying vulnerability characteristics used to generate the scores.
• Common Vulnerabilities and Exposures (CVE)
  • A publicly available and free-to-use list or dictionary of standardized identifiers for common software vulnerabilities and exposures
• National Vulnerability Database (NVD)
  • A U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP)
  • These data enable the automation of vulnerability management, security measurement, and compliance
  • The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics
• Common Weakness Enumeration (CWE)
  • A category system for software vulnerabilities and weaknesses
  • It is sponsored by the National Cybersecurity FFRDC, which is owned by The MITRE Corporation, with support from US-CERT and the National Cyber Security Division of the U.S. Department of Homeland Security
  • It has over 600 categories of weaknesses, which enable CWE to be effectively employed by the community as a baseline for weakness identification, mitigation, and prevention efforts.
VULNERABILITY CLASSIFICATION
• Misconfigurations
• Default Installations
• Buffer overflows
• Unpatched Servers
• Design Flaws
• Operating system flaws
• Application Flaws
• Open services
• Default passwords
TYPES OF VULNERABILITY ASSESSMENT
• Active Assessment
  • Uses a network scanner to find hosts, services, and vulnerabilities
• Passive Assessment
  • Sniffs the network traffic to discover the active systems, network services, applications, and vulnerabilities present
• External Assessment
  • Assesses the network from a hacker's perspective to discover exploits and vulnerabilities that are accessible to the outside world
• Internal Assessment
  • Scans the internal infrastructure to discover exploits and vulnerabilities
• Host-based Assessment
  • Conducts a configuration-level check to identify system configurations, user directories, file systems, registry settings, etc., to evaluate the possibility of compromise
• Network-based Assessment
  • Determines possible network security attacks that may occur on the organization’s system
• Application Assessment
  • Tests and analyzes all elements of the web infrastructure for any misconfiguration, outdated content, or known vulnerabilities
• Database Assessment
  • Focuses on testing databases, such as MySQL, MSSQL, Oracle, PostgreSQL, etc., for the presence of data exposure or injection type vulnerabilities
TYPES OF VULNERABILITY ASSESSMENT
• Wireless Network Assessment
  • Determines the vulnerabilities in the organization’s wireless networks
• Distributed Assessment
  • Assesses the distributed organization assets, such as client and server applications, simultaneously through appropriate synchronization techniques
• Credentialed Assessment
  • Assesses the network by obtaining the credentials of all machines present in the network
• Non-Credentialed Assessment
  • Assesses the network without acquiring any credentials of the assets present in the enterprise network
• Manual Assessment
  • In this type of assessment, the ethical hacker manually assesses the vulnerabilities, vulnerability ranking, vulnerability score, etc.
• Automated Assessment
  • In this type of assessment, the ethical hacker employs various vulnerability assessment tools, such as Nessus, Qualys, GFI LanGuard, etc.
VULNERABILITY ASSESSMENT TOOLS
• Qualys Vulnerability Management
  • A cloud-based service that offers immediate global visibility into IT system areas that might be vulnerable to the latest Internet threats and how to protect them
  • Aids in the continuous identification of threats and monitoring of unexpected changes in a network before they become breaches
• Nessus Professional
  • An assessment solution for identifying vulnerabilities, configuration issues, and malware
• GFI LanGuard
  • Scans, detects, assesses, and rectifies security vulnerabilities in a network and connected devices
• OpenVAS
  • A framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution
• Nikto
  • A web server assessment tool that examines a web server to discover potential problems and security vulnerabilities
VULNERABILITY ASSESSMENT TOOLS
• Qualys FreeScan https://freescan.qualys.com
• Acunetix Web Vulnerability Scanner https://www.acunetix.com
• Microsoft Baseline Security Analyzer (MBSA) https://www.microsoft.com
• beSECURE (AVDS) https://www.beyondsecurity.com
• Nexpose https://www.rapid7.com
• Core Impact Pro https://www.coresecurity.com
• N-Stalker Web Application Security Scanner https://www.nstalker.com
• SAINT https://www.saintcorporation.com
• ManageEngine Vulnerability Manager Plus https://www.manageengine.com
CHOOSING A VULNERABILITY ASSESSMENT TOOL
Vulnerability assessment tools are used to test a host or application for vulnerabilities.
Choose the tools that best satisfy the following requirements:
• Can test from dozens to 30,000 different vulnerabilities, depending on the product
• Contains several hundred different attack signatures
• Matches your environment and expertise
• Has accurate network, application mapping, and penetration tests
• Has several regularly updated vulnerability scripts for the platforms that you are scanning
• Generates reports
• Checks different levels of penetration in order to prevent lockups
• Ensure that it does not damage your network or system while running tools
• Understand the functionality, and decide on the information that needs to be collected before
beginning
• Decide the source location of the scan, taking into consideration the information that needs to
be collected
• Enable logging every time a computer is scanned
• Users should scan their systems frequently for vulnerabilities
IMPLEMENTATION OF SECURITY MEASURES
• Develop a cybersecurity strategy for your organization. A cybersecurity strategy is a high-level plan
for how your organization will secure its assets during the next three to five years.
• Create a detailed cybersecurity policy. A cybersecurity policy sets the standards of behavior for
activities such as the encryption of email attachments and restrictions on the use of social media.
• Backup and encrypt your data.
• Use multi-factor authentication.
• Create secure passwords and keep them safe.
• Use the principle of least privilege.
• Know who is accessing your data.
• Educate and train your employees.
• Keep all software and apps up to date.
• Don’t underestimate hackers.

 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...Nguyen Thanh Tu Collection
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024Elizabeth Walsh
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptxJoelynRubio1
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxPooja Bhuva
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationNeilDeclaro1
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxmarlenawright1
 
How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17Celine George
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningMarc Dusseiller Dusjagr
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111GangaMaiya1
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxPooja Bhuva
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSCeline George
 
AIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptAIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptNishitharanjan Rout
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfPondicherry University
 
Understanding Accommodations and Modifications
Understanding  Accommodations and ModificationsUnderstanding  Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 

Recently uploaded (20)

General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health Education
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17How to Manage Call for Tendor in Odoo 17
How to Manage Call for Tendor in Odoo 17
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learning
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
AIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptAIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.ppt
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
 
Understanding Accommodations and Modifications
Understanding  Accommodations and ModificationsUnderstanding  Accommodations and Modifications
Understanding Accommodations and Modifications
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 

Best Practices to Cybersecurity Vulnerability Management,.pdf

  • 1.
  • 2. ABOUT NETCOM LEARNING
      NetCom Learning is an award-winning global leader in managed learning services, training and talent development.
      • Founded: 1998
      • Headquarters: New York City
      • Delivery Capability: Worldwide
      • CEO: Russell Sarder
      • 100K+ professionals trained
      • 14K+ corporate clients
      • 3500 IT, Business & Soft Skills courses
      • 96% of customers recommend us to others
      • 8.6/9 instructor evaluations
      • 20+ leading vendors recognitions
      • Microsoft’s Worldwide training partner of the year
      • Trained 80% of the Fortune 100
      • Top 20 IT Training Company
      Interested in training? Contact us! | www.netcomlearning.com | (888) 563-8266 | comptia@netcomlearning.com
      © 1998-2022 NetCom Learning
  • 3. CLICK HERE TO WATCH: Access the Recorded Session here!
  • 4. AGENDA
      • Importance of threat data and intelligence
      • Introduction to vulnerability management activities
      • Common vulnerability assessment tools
      • Implementation of security measures
      • Q&A
  • 5. WHY VULNERABILITY ASSESSMENT?
      • A vulnerability assessment is designed to identify unpatched and exploitable vulnerabilities, giving the organization the opportunity to remediate these deficiencies before they are discovered by a bad actor.
      • The evolving tools, tactics and procedures used by cybercriminals to breach networks mean that it's important to regularly test your organization's cyber security.
      • Vulnerability assessment helps to protect your organization by providing visibility of security weaknesses and guidance to address them.
      • It helps with greater security insights, ongoing risk management, and the ability to meet regulatory obligations.
  • 6. VULNERABILITY ASSESSMENT VS. VULNERABILITY MGMT.
      • Vulnerability management is different from vulnerability assessment.
      • Vulnerability management is an ongoing process, while a vulnerability assessment is a one-time evaluation of a host or network.
      • Vulnerability assessment is part of the vulnerability management process, but not vice versa.
  • 7. CYBER THREAT INTELLIGENCE
      • The collection and analysis of information about threats and adversaries, and the drawing of patterns from it, provide the ability to make decisions on preparedness, prevention and response against various cyber attacks.
      • Identify and mitigate various business risks by implementing advanced and proactive defense strategies.
      • CTI is collecting information about presumed attacks to understand the motive behind them and the approach they must follow, and analyzing this information to secure an organization's IT infrastructure in advance.
      • Data: raw, huge, no context, unprocessed (structured/unstructured)
      • Information: meaningful
      • Intelligence: analyzed, interpreted, in-depth knowledge; supports decision making and response actions
  • 8. IMPORTANCE OF THREAT DATA AND INTELLIGENCE
      • Threat intelligence is data that is collected, processed, and analyzed to understand a threat actor’s motives, targets, and attack behaviors.
      • Threat intelligence enables us to make faster, more informed, data-backed security decisions and to shift from reactive to proactive behavior in the fight against threat actors.
      • Threat intelligence is evidence-based knowledge about existing or emerging menaces or hazards to assets.
      • Threat intelligence benefits organizations of all shapes and sizes by helping process threat data to better understand their attackers, respond faster to incidents, and proactively get ahead of a threat actor’s next move.
      • Ensure you stay up to date with the often-overwhelming volume of threats, including methods, vulnerabilities, targets and bad actors.
      • Reducing risk
      • Preventing financial loss
  • 9. BENEFITS OF THREAT INTELLIGENCE
      • Providing greater insights into cyber threats
      • Preventing data loss by identifying the cause of data leakage
      • Guiding incident response
      • Conducting data analysis to identify exploitable data
      • Helping conduct threat analysis and detect advanced threats
      • Helping share threat information and spread awareness
      • Identifying IOCs
      • Discovering tactics, techniques and procedures (TTPs) for possible attacks
  • 10. VULNERABILITY RESEARCH VS. VULNERABILITY ASSESSMENT
      Vulnerability Research
      • Discovering vulnerabilities and design flaws
      • Vulnerabilities are classified based on:
          • Severity level: low, medium, high
          • Exploit range: local or remote
      • An administrator needs vulnerability research to:
          • Gather information about security trends, threats, attacks
          • Gather information that helps to prevent security problems
          • Find weaknesses and alert the concerned person before a network attack
          • Know how to recover from a network attack
      Vulnerability Assessment
      • Examination of the ability of a system or application to withstand assault
      • Vulnerability assessment may be used to:
          • Identify weaknesses that could be exploited
          • Predict the effectiveness of additional security measures in protecting information from attacks
  • 11. VULNERABILITY SCORING SYSTEMS AND DATABASES
      • Common Vulnerability Scoring System (CVSS)
          • CVSS provides an open framework for communicating the characteristics and impacts of IT vulnerabilities
          • Its quantitative model ensures repeatable accurate measurement, while enabling users to view the underlying vulnerability characteristics used to generate the scores.
      • Common Vulnerabilities and Exposures (CVE)
          • A publicly available and free-to-use list or dictionary of standardized identifiers for common software vulnerabilities and exposures
      • National Vulnerability Database (NVD)
          • A U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP)
          • These data enable the automation of vulnerability management, security measurement, and compliance
          • The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics
      • Common Weakness Enumeration (CWE)
          • A category system for software vulnerabilities and weaknesses
          • It is sponsored by the National Cybersecurity FFRDC, which is owned by The MITRE Corporation, with support from US-CERT and the National Cyber Security Division of the U.S. Department of Homeland Security
          • It has over 600 categories of weaknesses, which enable CWE to be effectively employed by the community as a baseline for weakness identification, mitigation, and prevention efforts.
  • 12. VULNERABILITY CLASSIFICATION
      • Misconfigurations
      • Default installations
      • Buffer overflows
      • Unpatched servers
      • Design flaws
      • Operating system flaws
      • Application flaws
      • Open services
      • Default passwords
  • 13. TYPES OF VULNERABILITY ASSESSMENT
      • Active Assessment
          • Uses a network scanner to find hosts, services, and vulnerabilities
      • Passive Assessment
          • Used to sniff the network traffic to discover present active systems, network services, applications, and vulnerabilities present
      • External Assessment
          • Assesses the network from a hacker's perspective to discover exploits and vulnerabilities that are accessible to the outside world
      • Internal Assessment
          • Scans the internal infrastructure to discover exploits and vulnerabilities
      • Host-based Assessment
          • Conducts a configuration-level check to identify system configurations, user directories, file systems, registry settings, etc., to evaluate the possibility of compromise
      • Network-based Assessment
          • Determines possible network security attacks that may occur on the organization’s system
      • Application Assessment
          • Tests and analyzes all elements of the web infrastructure for any misconfiguration, outdated content, or known vulnerabilities
      • Database Assessment
          • Focuses on testing databases, such as MySQL, MSSQL, Oracle, PostgreSQL, etc., for the presence of data exposure or injection type vulnerabilities
  • 14. TYPES OF VULNERABILITY ASSESSMENT
      • Wireless Network Assessment
          • Determines the vulnerabilities in the organization’s wireless networks
      • Distributed Assessment
          • Assesses the distributed organization assets, such as client and server applications, simultaneously through appropriate synchronization techniques
      • Credentialed Assessment
          • Assesses the network by obtaining the credentials of all machines present in the network
      • Non-Credentialed Assessment
          • Assesses the network without acquiring any credentials of the assets present in the enterprise network
      • Manual Assessment
          • In this type of assessment, the ethical hacker manually assesses the vulnerabilities, vulnerability ranking, vulnerability score, etc.
      • Automated Assessment
          • In this type of assessment, the ethical hacker employs various vulnerability assessment tools, such as Nessus, Qualys, GFI LanGuard, etc.
  • 15. VULNERABILITY ASSESSMENT TOOLS
      • Qualys Vulnerability Management
          • A cloud-based service that offers immediate global visibility into IT system areas that might be vulnerable to the latest Internet threats and how to protect them
          • Aids in the continuous identification of threats and monitoring of unexpected changes in a network before they become breaches
      • Nessus Professional
          • An assessment solution for identifying vulnerabilities, configuration issues, and malware
      • GFI LanGuard
          • Scans, detects, assesses, and rectifies security vulnerabilities in a network and connected devices
      • OpenVAS
          • A framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution
      • Nikto
          • A web server assessment tool that examines a web server to discover potential problems and security vulnerabilities
  • 16. VULNERABILITY ASSESSMENT TOOLS
      • Qualys FreeScan: https://freescan.qualys.com
      • Acunetix Web Vulnerability Scanner: https://www.acunetix.com
      • Microsoft Baseline Security Analyzer (MBSA): https://www.microsoft.com
      • beSECURE (AVDS): https://www.beyondsecurity.com
      • Nexpose: https://www.rapid7.com
      • Core Impact Pro: https://www.coresecurity.com
      • N-Stalker Web Application Security Scanner: https://www.nstalker.com
      • SAINT: https://www.saintcorporation.com
      • ManageEngine Vulnerability Manager Plus: https://www.manageengine.com
  • 17. CHOOSING A VULNERABILITY ASSESSMENT TOOL
      Vulnerability assessment tools are used to test a host or application for vulnerabilities. Choose the tools that best satisfy the following requirements:
      • Can test from dozens to 30,000 different vulnerabilities, depending on the product
      • Contains several hundred different attack signatures
      • Matches your environment and expertise
      • Has accurate network, application mapping, and penetration tests
      • Has several regularly updated vulnerability scripts for the platforms that you are scanning
      • Generates reports
      • Checks different levels of penetration in order to prevent lockups
      • Ensure that it does not damage your network or system while running tools
      • Understand the functionality, and decide on the information that needs to be collected before beginning
      • Decide the source location of the scan, taking into consideration the information that needs to be collected
      • Enable logging every time a computer is scanned
      • Users should scan their systems frequently for vulnerabilities
  • 18. IMPLEMENTATION OF SECURITY MEASURES
      • Develop a cybersecurity strategy for your organization. A cybersecurity strategy is a high-level plan for how your organization will secure its assets during the next three to five years.
      • Create a detailed cybersecurity policy. A cybersecurity policy sets the standards of behavior for activities such as the encryption of email attachments and restrictions on the use of social media.
      • Back up and encrypt your data.
      • Use multi-factor authentication.
      • Create secure passwords and keep them safe.
      • Use the principle of least privilege.
      • Know who is accessing your data.
      • Educate and train your employees.
      • Keep all software and apps up to date.
      • Don’t underestimate hackers.
  • 19. RECOMMENDED COURSES
      NetCom Learning offers a comprehensive portfolio for Security:
      » EC-COUNCIL CHFI: COMPUTER HACKING FORENSIC INVESTIGATOR V10 - Class Scheduled on Oct 17
      » COMPTIA PENTEST+ CERTIFICATION PREP (EXAM PT0-002) - Class Scheduled on Dec 12
      » COMPTIA SECURITY+ CERTIFICATION PREP (EXAM SY0-601) - Class Scheduled on Oct 24
      You can also access the below Marketing Assets:
      » Free 1hr Training - Getting started with 5 fundamental domains of cybersecurity governance
      » Free On-Demand Training - Learn to Defend Against Multi-Stage Network Breaches in 40 Minutes
      » Blog - What’s New in EC-Council CEH v12: Features & Updates
  • 20. OTHER MARKETING ASSETS
      • COURSES & CERTIFICATIONS
      • OUR FREE VIRTUAL EVENTS
      • BLOGS
      • SAVINGS PROGRAMS & PROMOS
  • 21. Stay Digital Safe - Assess and Upskill your team against cyber threats now! NetCom Learning's end-user Cybersecurity Awareness Training & Phishing Simulation Solution offers phishing simulations on email, voice, and text to organizations, and is bundled with 90+ interactive security awareness video courses for the end-users. Request a Demo
  • 22. The number of cyberattacks across the globe is increasing with time. Can you afford to compromise your organization’s security? Equip your workforce with advanced ethical hacking skills with all new EC-Council C|EH® v12 and improve your organizational security! Upskill Now
  • 23. Learning Passport: Flexible Team Training Package. Specifically designed to be customized for the number of learners you plan to train on top-notch technology providers, including Microsoft, AWS, Cisco, CompTIA, Adobe, Autodesk, PMI, EC-Council, and more. Redeemable over 4,000+ official courses. Flexible fund validity of 12 months. Contact Us Now to schedule your appointment with our learning consultants. Toll-free Phone: 1-888-563-8266 | Email: info@netcomlearning.com Learn More
  • 24. NetCom+ Individual Learner Subscription: Get 24/7 access to unlimited virtual instructor-led and self-paced IT and business training for 12 months. NetCom+ includes over 250 e-Learning and 140 virtual instructor-led courses across various domains. $2,999 per learner per year * Additional discounts available for enterprises. Learn More
  • 25. FOLLOW US ON LinkedIn, Twitter, YouTube, Instagram
  • 26. A BOOK FROM RUSSELL SARDER, CEO - NETCOM LEARNING: A framework to build a smarter workforce, adapt to change and drive growth. Download
  • 27. Thank you