Tech News, Magazine & Review WordPress Theme 2017
  • Tech
    • Android
    • Home Tech
    • Medical Tech
    • Artificial Intelligence
    • APK
    • Apple
  • Business
    • Startups
    • Marketing
  • Reviews
    • Best Apps
    • Software
    • VPNs
  • Blogging
    • SEO
  • Crypto
    • Blockchain
  • Contact Us
    • About us
    • Careers
    • Use of Cookies
    • Privacy Policy
No Result
View All Result
Techavy
  • Tech
    • Android
    • Home Tech
    • Medical Tech
    • Artificial Intelligence
    • APK
    • Apple
  • Business
    • Startups
    • Marketing
  • Reviews
    • Best Apps
    • Software
    • VPNs
  • Blogging
    • SEO
  • Crypto
    • Blockchain
  • Contact Us
    • About us
    • Careers
    • Use of Cookies
    • Privacy Policy
No Result
View All Result
Techavy
No Result
View All Result

Zero Trust Security is Essential for Scalable Vulnerability Management

by Abhishek Yadav
July 8, 2021
556
SHARES
3.7k
VIEWS
Share on FacebookShare on Twitter

Most organizations are at risk of attack via exploitable vulnerabilities in unpatched systems and applications. However, appropriately managing these vulnerabilities through patch management is quickly becoming infeasible. Implementing a zero trust security strategy using a software defined perimeter (SDP) – also called zero-trust network access (ZTNA) – can enable an organization to manage its cybersecurity risk in a scalable and sustainable fashion.

Software Vulnerabilities are Continuing to Rise

The COVID-19 pandemic had a significant impact on vulnerability detection and reporting in early 2020. Organizations and security researchers focused on maintaining normal operations despite a sudden transition to remote work. As a result, reported vulnerabilities in the first part of 2020 were significantly lower than in 2019.

However, the rest of the year more than made up for the slow rate of vulnerability detections in the first part of the year. In addition to high-profile vulnerabilities like Zerologon, at least 23,269 new vulnerabilities were discovered and reported in 2020. This is less than 1% lower than 2019, indicating that 2020 vulnerabilities – when fully counted – are likely to exceed the previous year despite the COVID-19 pandemic.

Patch-Driven Vulnerability Management is Unsustainable

Vulnerabilities are flaws in software that can be corrected by applying a patch released by the vendor. While ideally all vulnerabilities would be detected and remediated pre-release, many slip through to production. While no organization will need to apply all 23,000+ patches released in 2020, applying even a small percentage to an organization’s systems creates a significant burden for a security team.

In addition to the sheer volume of patches released each year, organizations face other challenges as well that make it difficult to manage newly discovered vulnerabilities via patching, including:

  • Incomplete Vulnerability Listings: The Common Vulnerabilities and Exposures (CVE) list is intended to be the master list of all discovered and publicly reported vulnerabilities. However, this list consistently fails to include all public vulnerabilities. In 2020, Risk-Based Security found that the CVE list was missing 29% of known vulnerabilities. This means that organizations relying on this list to determine which vulnerabilities require attention may overlook crucial vulnerabilities.
  • Unreleased Patches: Patching a vulnerability is the best way to protect it against exploitation, but this approach only works if the vendor actually releases a patch. For nearly a quarter of vulnerabilities disclosed in 2020, no patch has been released by the vendor. These vulnerabilities are publicly known – meaning that cybercriminals can develop exploits for them – but security teams’ ability to close them is limited.
  • Inadequate Patches: Vulnerability patches are intended to completely close a potential attack vector, making it impossible to exploit. However, this is not always the case. According to Google, 25% of all zero-day exploits in 2020 were variations of old attacks that took advantage of improperly designed and applied patches.
  • Patch Surges: In 2020, 7% of all patches were released on the same three days by major vendors like Microsoft and Oracle. This means that security teams were overwhelmed on these days by the sheer volume of patches that they needed to test and apply. As they worked to catch up, cybercriminals could exploit unpatched systems with publicly known vulnerabilities.
  • Lack of Vulnerability Visibility: Organizations often only have visibility into the application code written in-house; however, this is only the tip of the iceberg. The average application has many dependencies, and each of these can contain exploitable vulnerabilities. This makes it much more difficult for an organization to determine which applications require patching and to actually perform the required updates.
  • Understaffed Security Teams: The cybersecurity industry is suffering from a significant skills gap, which makes it difficult for organizations to attract and retain the security talent that they require. As a result, understaffed security teams frequently need to choose between applying patches and protecting the organization’s network against active threats.

With massive numbers of new vulnerabilities reported each year (an average of 70 per day) and a number of additional challenges, attempting to manage vulnerabilities solely through patch management is an unsustainable plan. To minimize cybersecurity risk, organizations must limit the attack surface and exposure of potentially exploitable applications and systems.

Limiting Vulnerability Exploitability With Zero Trust

All organizations implement various levels of trust within their networks. A company won’t connect their database server directly to the public Internet for fear of having sensitive customer information exposed in a breach. Instead, this data is protected and only accessible via applications or by trusted systems within the network.

RelatedPosts

The Basics of Cryptography

How Web Security Affects Your Customers

A zero-trust security strategy – implemented using SDP/ZTNA – can extend this same mentality to all of an organization’s assets. By limiting access to systems and applications based upon role-based access controls, an organization makes it much more difficult for a malicious actor to access them.

Zero trust and SDP also provide a more scalable solution to managing the risk associated with vulnerable systems. While a system protected by SDP may still be exploitable if the appropriate patch has not been applied, an attacker has a much more difficult time accessing the system to exploit it. Implementing zero trust security is essential to scalable vulnerability and cybersecurity risk management.

 

3.1k
SHARES
ShareTweet

Subscribe to Techavy to never miss out on the latest tech news!

Unsubscribe
Abhishek Yadav

Abhishek Yadav

Hello, I am Abhishek Yadav, I am an Internet Marketer and a Blogger. along with blogging I also have some Programming and content marketing skills. Connect with me on Twitter @Abhinemm to know more about me :)

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • 123MOVIES Unblocked – Ten 123 Movies Proxies and Mirrors

    123MOVIES Unblocked – Ten 123 Movies Proxies and Mirrors

    5704 shares
    Share 2228 Tweet 1392
  • Kickass Proxy – 30 KAT Mirror Sites & Proxies ~ KAT UnBlocked.

    9870 shares
    Share 3934 Tweet 2459
  • AceStream Mac – How to install AceStream on your MAC

    1717 shares
    Share 685 Tweet 428
  • Thop TV: Watch Movies and TV Shows for Free

    807 shares
    Share 323 Tweet 202
  • How to Download Torrent with IDM – 100% Working

    1896 shares
    Share 755 Tweet 472

Latest Posts

What is Business Intelligence?

What is Business Intelligence?

March 14, 2023
image_2022_12_30T05_21_33_976Z.png

CapCut – The Free Online Video Editor

March 14, 2023
What is an Integrated Development Environment (IDE)?

What is an Integrated Development Environment (IDE)?

March 14, 2023
Kajabi

A Straightforward Review of Why I Chose Kajabi

March 15, 2023
Can You Perform A Business Registration In Ontario Online? 6 Things To Know

Can You Perform A Business Registration In Ontario Online? 6 Things To Know

March 10, 2023
The Benefits Of WiFi-Enabled Furnaces: Control Your Home’s Heating Remotely

The Benefits Of WiFi-Enabled Furnaces: Control Your Home’s Heating Remotely

March 11, 2023
Learn about technology, product reviews, SEO, AI and more on Techavy.com
Techavy

© 2021 Techavy | All Rights Reserved.

Resources

  • Home
  • About us
  • Contact Us
  • Privacy Policy
  • Careers

Connect With Us

No Result
View All Result
  • Home
  • Tech
  • Business
  • Software
  • Android
  • Blogging
  • Gaming
  • Startups
  • Review
  • Use of Cookies
  • Privacy Policy
  • About us
  • Contact Us

© 2021 Techavy | All Rights Reserved.