Vulnerability management and patch management are often confused. However, it's crucial to recognize that, while complementary, they are distinct processes. Understanding the differences between vulnerability management and patch management is essential for a solid security posture. Let's delve into the concepts to better understand what they are, how they differ, and how they work together.
Defining Vulnerability Management
Vulnerability management encompasses the proactive identification, assessment, prioritization, and mitigation of security vulnerabilities across an organization's IT...
Author: Taha Dharsi
Security and compliance are often tightly intertwined. The main difference is that sometimes security can outpace compliance efforts. While it is easy to infer that a more secure system exceeds a compliance requirement, an auditor should not be expected to deduce the state of a system; the evidence needs to be clear. There are many factors that can cause compliance shifts. Configurations are constantly changing: the infrastructure is updated, patches are applied, applications are upgraded, and these cause changes to the system that...
The basic parameters that control how hardware, software, and even entire networks operate are configurations, whether they take the form of a single configuration file or a collection of connected configurations. For instance, the default properties a firewall uses to control traffic to and from a company's network, such as block lists, port forwarding, virtual LANs, and VPN information, are stored in the firewall's configuration file. Configuration management is now presented as a new control (Control 8.9) in the revised edition of ISO 27002:2022. It is a crucial component of an...
While the phrase sounds like the stuff of textbook jargon, the term "configuration drift" hides an extremely crucial caution. Configuration drift is important because it can lead to compliance drift. Compliance drift means that a configuration change has altered the state of compliance, causing your system to fall out of compliance. When your systems are misconfigured, this small hinge swings a wide door that leads to regulatory scrapes against standards such as PCI DSS, SOX, NERC, and more. The resulting consequences are hefty fines, loss of public...
In a previous post, my colleague spoke about how ensuring devices on your network is a great way to minimize the attack surface of your infrastructure. Organizations like the Center for Internet Security (CIS) provide guidelines on how to best configure operating systems to minimize the attack surface. The CIS calls these "benchmarks." Many security […]