Cost-effective approach to full-cycle

vulnerability management

Sumita Chotani 13th November 2012

Company Confidential

Common Issues across SMB

2

One man army

Security is not a priority

Upper Management wants results

Time is of the essence

User friendly product is imperative

AUTOMATION is the key

3

What can you automate?

Identifying your Network Topology and Asset

Management?

Vulnerability Assessment of the network?

Reporting the findings of the assessment?

Remediation workflow via a ticketing system?

Identifying your network topology

and Asset Management

4

Discover, understand and organize your network

and the people managing the systems

3 Basic Steps:

o Run Scheduled maps*

o Form Asset Groups around the existing

logical structure

o Assign each Asset Group to its respective

owner

Map ~ Network discovery

Identifying your network topology

and Asset Management

5

6

Identifying your network topology

and Asset Management

7

Identifying your network topology

and Asset Management

Identifying your network topology

and Asset Management

8

Vulnerability Assessment of the

network

9

Periodic scanning of all perimeter and internal

systems

E.g.

o Nightly scans of Production Environment

o Weekly scans Critical servers and workstations

o Monthly scans of entire network pre and post Patch

Tuesday

Vulnerability Assessment of the

network

10

11

Reporting the findings of the

assessment

Actionable Report

o Patch Report • One Interactive Report:

- View of a Patch Matrix

- Patch – Host Mapping

- Link to download the Patch

Schedule report generation

12

Reporting the findings of the

assessment

13

Reporting the findings of the

assessment

14

Setting up a Remediation workflow

via a ticketing system

Need for Closed Loop Ticketing System

15

Setting up a Remediation workflow

via a ticketing system

Closing Open Tickets

16

Setting up a Remediation workflow

via a ticketing system

Reopening Closed Tickets

17

Setting up a Remediation workflow

via a ticketing system

18

Setting up a Remediation workflow

via a ticketing system

Check - List

19

Automated Inventory Lookup ✓ Asset Management and Delegation ✓ Automated Scanning ✓ Automated Report Generation ✓ Reports for Patch Management ✓ Automated Remediation Workflow ✓

20

Reduce workload for everyone through

automation and prioritisation

schotani@qualys.com

Thank You

© 1999–2012 Qualys, Inc. All rights reserved.