Vulnerability Management Has a Data Problem>
Dark Reading – Tal Morgenstern
The biggest barrier to improving vulnerability remediation is that the data is siloed in many different systems: vulnerability data in the scanner, business context data in the configuration management database or asset repository, or, worse yet, in people’s heads. Additionally, the security team may deploy several vulnerability management tools siloed across different teams â to those who scan for vulnerabilities, threat intelligence teams, IT operations technicians, etc.

Compounding the issue is the fact that many data points aren’t stored by existing tools. Further, some vulnerability management tools ignore the data points that are not stored. So, if a CISO asks how many vulnerabilities were fixed in the last six months, corresponding data is not available in most vulnerability management tools.

Now comes the hard part â creating the workflows and processes needed to improve remediation outcomes. First, the vulnerability remediation team must get the business unit owners involved, asking them to identify critical business functions and the relationships between assets. Align the business function with the supporting technology products, then assess the criticality of each asset and tie it back to the vulnerability management program. Next, security teams should recruit partners from the DevOps and IT operations teams to help coordinate and collaborate on remediation efforts. his kind of collaboration isn’t easy, intuitive, or historically mandated, so security team leads must seek ways to bring these players to the table through cross-function strike teams, training, and other hands-on efforts. Finally, efficiently collecting, parsing, and analyzing that data is key to maturing vulnerability remediation programs.
Link: https://www.darkreading.com/vulnerabilities—threats/vulnerability-management-has-a-data-problem/a/d-id/1339827