Skip to main content

News: Mitigating zero-day threats in the age of attack automation

04.Oct.2019
Srinivasan Jayaraman, Vulnerability Research Manager at Outpost24,
Network Security
How to prioritise, remediate and mitigate zero-day threats in the age of attack automation.

As organisations today continue to embrace digital transformation and deploy new technology into enterprise networks to improve customer and employee experience, new security threats are being rapidly introduced.

These new technologies are often introduced without any security considerations and the software they are running will also often contain vulnerabilities. Cybercriminals are aware of this and every time a new technology comes into place, hackers look to see if there’s a way to attack it or gain control over it before the vulnerability loophole is closed 

In order to detect these security flaws many organisations will rely on vulnerability management tools and scanners, which are commonly used as part of an organisation’s normal security hygiene.

Typically, when a vulnerability is reported, it goes through a disclosure process. Then the organisation that has responsibility for that software or configuration provides a patch or some updates for it. In parallel, during that time of the reported disclosure and patch, vulnerability management vendors are updating their scanners – with scripts that will probe and collect information to determine if a target is vulnerable.

When ready, organisations run those updated scripts across their assets during an appropriate scan window. If a new vulnerability is discovered, prioritising and getting it remediated closes the opportunity for an attacker to gain access to the organisation’s networks. Essentially, the less time the company is exposed, the less time the hacker has to exploit that vulnerability.

Read the full article from from Srinivasan Jayaraman:

IT pro portal logo Mitigating zero-day threats in the age of attack automation

Looking for anything in particular?

Type your search word here