The Role of Visualization in Vulnerability Management · The ole of Visualization in Vulnerability...

4
Mieng Lim of Digital Defense on the Benefits of Enhancing Visibility The Role of Visualization in Vulnerability Management

Transcript of The Role of Visualization in Vulnerability Management · The ole of Visualization in Vulnerability...

Page 1: The Role of Visualization in Vulnerability Management · The ole of Visualization in Vulnerability Management 3. 902 Carnegie Center • Princeton, NJ • 08540 • About ISMG Information

Mieng Lim of Digital Defense on the Benefits of Enhancing Visibility

The Role of Visualization in Vulnerability Management

Page 2: The Role of Visualization in Vulnerability Management · The ole of Visualization in Vulnerability Management 3. 902 Carnegie Center • Princeton, NJ • 08540 • About ISMG Information

Threat intelligence and visualization

technology can play huge roles in

improving vulnerability management.

Mieng Lim of Digital Defense outlines the

potential benefits.

In an interview with Tom Field of Information Security Media Group,

Lim also discusses:

• What’s missing today in vulnerability management;

• The roles for threat intelligence and visualization;

• Immediate benefits of enhancing visibility.

Lim, vice president of product management at Digital Defense

Inc., has served as a security expert for the firm since 2001. She

takes a consultative approach to security having held prior roles in

operations, quality assurance and sales engineering.

What’s Missing?TOM FIELD: So I want you to set the stage for our discussion

about vulnerability management. From your perspective, what’s

missing today?

MIENG LIM: We’ve come a long way since back in the eighties and

nineties when there wasn’t even an information security title – it

was IT managers. We were cobbling together tools in order to

achieve the things that we wanted to see.

We’ve come a long way since then. And one of the challenges that

we have today is having a programmatic mechanism of vulnerability

management. Some programs out there are very ad hoc. They’re

not covering a lot of the network; there’s a lot of segmentation

going on.

They’re not able to see everything that’s on their network. So they

might have blind spots, and that presents a lot of challenges and

potential attack surfaces that they don’t have visibility into.

VisualizationFIELD: Talk to me about threat intelligence and visualization in

terms of the role that they should be playing in remediation.

LIM: It’s huge right now. Threat intel today is one of the most

important elements influencing remediation prioritization. We’ve

always known each vulnerability had severity. A lot of organizations

are still basing their prioritization off of CVSS and CVE scoring. But

unfortunately, if you look at all of the scoring, you only get a very

broad picture of what’s important and what needs to be resolved.

Mieng Lim

The Role of Visualization in Vulnerability Management 2

Page 3: The Role of Visualization in Vulnerability Management · The ole of Visualization in Vulnerability Management 3. 902 Carnegie Center • Princeton, NJ • 08540 • About ISMG Information

And especially with the transition from CVSS 2 to CVSS 3 scoring, everything’s critical now.

So how do you actually determine what’s really important?

Being able to apply threat intelligence, where’s the chatter coming from in the dark web?

What malware is actually leveraging specific CVEs or specific vulnerabilities, as well as

what root kits and exploit kits are actually including certain vulnerabilities and exploiting

those? Those are the ones that you really want to fix. So it’s important to be able to see not

only the criticality of the asset, but also how important that is. It gives you another metric to

prioritize those vulnerabilities.

Immediate BenefitsFIELD: Let’s say we enhanced the visualization in this process. What are the immediate

benefits that one would see?

LIM: When you think about a lot of tools out there today, you get a lot of lists. They’re kind

of boring to look at, to be perfectly honest. And it’s hard to understand what the impact

is. If I resolve a condition on one particular asset, being able to visualize and see what all

it touches to show the impact of resolving this vulnerability versus another condition on

another asset in a different segment can be very powerful.

Being able to capture that then and put it into a report and show that report to nontechnical

folks also can be very powerful to an IT administrator or a security operations individual

to try to impart how important resolving this particular condition from a prioritization

perspective versus another condition could be.

Digital Defense’s RoleFIELD: Talk to me about Digital Defense. What are you doing to help your customers to

improve their defenses?

LIM: We wanted to make sure that our platform is very easy to use. We know that not

every organization has the benefit of having extensive resources or a lot of expertise in

cybersecurity. So we want to simplify all of that for the organizations and give vulnerability

management to the people. We want to enable everyone to be able to utilize the platform

regardless of how experienced they are – without harming their network.

We’ve designed a platform that includes the capability for an organization to run

vulnerability assessments and web application scans. We offer an active threat sweep

capability that helps to bolster endpoint protection.

In the event that malware gets past perimeter defenses or disables endpoints, we want

to have a second line of defense there to let them know, “Something’s going on with this

particular asset,” without having to go through extensive agents. We have a platform that

we’ve designed to make it very easy for organizations to show intelligent remediation to

risk and very easily prioritize that as well. n

“We know that not every organization has the benefit of having extensive resources or a lot of expertise in cybersecurity. So we want to simplify all of that for the organizations and give vulnerability management to the people.”

The Role of Visualization in Vulnerability Management 3

Page 4: The Role of Visualization in Vulnerability Management · The ole of Visualization in Vulnerability Management 3. 902 Carnegie Center • Princeton, NJ • 08540 • About ISMG Information

902 Carnegie Center • Princeton, NJ • 08540 • www.ismg.io

About ISMG

Information Security Media Group (ISMG) is the world’s largest media organization devoted solely to information

security and risk management. Each of our 28 media properties provides education, research and news that is

specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from

North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud.

Our annual global Summit series connects senior security professionals with industry thought leaders to find

actionable solutions for pressing cybersecurity challenges.

Contact

(800) 944-0401 • [email protected]

CyberEd