The danger of application vulnerabilities shouldn’t be underestimated. A single vulnerability in a single piece of software is all an attacker needs to gain a foothold in the network.
Fortunately, organisations are starting to see that the vulnerabilities in non-Microsoft, third-party applications are a serious issue. They’re investing time and money in uncovering those vulnerabilities and applying the appropriate patches to resolve them.
But let’s not get ahead of ourselves.
Before you find the vulnerabilities in your applications, you need to find the applications themselves. That’s rarely a simple task.
In an era of bring your own device (BYOD), as businesses encourage people to take control of their own workflows, users install whatever they need to get the job done, and administrators lose sight of which applications are actually running on the network.
And that creates a huge risk – a new challenge for organisations to overcome.
The danger of unknown applications
When organisations don’t understand the third-party applications that enter their networks, they fall at the first hurdle of eliminating vulnerabilities.
Without complete application visibility:
You don’t know what you’re exposed to.
You can’t rely on a patch catalogue alone to check for application updates. A catalogue tells you which product versions are vulnerable and which release fixes them, but that only helps if you know which products, and which versions, are actually installed.
You can’t target your monitoring.
You can’t narrow your monitoring to the applications you actually run, so you’re forced to track advisories for everything. That produces false positives for software you don’t have, a flood of alerts, and less chance that you’ll notice the vulnerabilities that really matter.
You can’t verify that patches are applied.
Unless you can discover applications and get a tangible view of what you’re dealing with, it’s impossible to manage updates. Many third-party applications update themselves, but an automatic update can fail, be blocked, or be switched off without anyone noticing, and the application is then left vulnerable. Even a small chance of that is a significant new risk, and the only way to rule it out is to compare the installed version with the fixed version rather than assume the update happened.
You can’t prioritise your most valuable assets.
Without a complete picture of the applications you’re running, you can’t make a sound assessment of which vulnerabilities are most critical. Patching then happens in an effectively random order, fixing low-risk vulnerabilities while more serious ones, on the systems that matter most, are left unchecked.
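The three gaps above (you can’t match a catalogue against unknown software, you can’t verify a patch landed, and you can’t prioritise) come down to one reconciliation step: compare what is installed against what the catalogue says is fixed, and order the result by severity. The script below is an added example, not code from the original article or from any vendor; the inventory, the patch catalogue, the product names and the severity levels are constructed sample data, and it assumes products are matched by exact (case-insensitive) name, which a real inventory would need to normalise first.

```python
"""Reconcile an application inventory against a patch catalogue.

Added example, not part of the original article. INVENTORY and CATALOGUE
are constructed sample data; the product names, versions and severities
are illustrative and do not refer to real advisories.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Order in which findings are worked (assumed four-level scale).
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

# Constructed inventory: what discovery found on each host.
INVENTORY = [
    {"host": "ws-01", "product": "Example Reader", "version": "11.0.3"},
    {"host": "ws-01", "product": "Example Browser", "version": "102.0.5005"},
    {"host": "ws-02", "product": "Example Reader", "version": "11.0.9"},
    {"host": "ws-02", "product": "Example Archiver", "version": "5.21"},
    {"host": "ws-03", "product": "Example Runtime", "version": "8.0.291"},
    {"host": "ws-03", "product": "Portable Notes", "version": "1.4"},
]

# Constructed patch catalogue: first fixed version and severity per product.
CATALOGUE = {
    "example reader": {"fixed_version": "11.0.10", "severity": "critical"},
    "example browser": {"fixed_version": "102.0.5005", "severity": "high"},
    "example archiver": {"fixed_version": "6.0", "severity": "low"},
    "example runtime": {"fixed_version": "8.0.301", "severity": "high"},
}


@dataclass(frozen=True)
class Finding:
    host: str
    product: str
    installed: str
    fixed: str
    severity: str


def parse_version(text: str) -> tuple[int, ...]:
    """Turn a dotted version into integers so that 11.0.9 < 11.0.10.

    A plain string comparison gets that wrong. A leading "v" and any
    suffix after the numeric part (e.g. "-beta") are ignored, and trailing
    zeros are dropped so "2.0" and "2.0.0" compare equal.
    """
    core = re.split(r"[^0-9.]", text.strip().lstrip("vV"), maxsplit=1)[0]
    parts = [int(p) for p in core.split(".") if p]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def reconcile(inventory, catalogue):
    """Return (findings, unknown, current).

    findings: installs below the catalogue's fixed version, most severe first
    unknown:  (host, product) pairs the catalogue does not cover, so their
              exposure cannot be assessed at all
    current:  (host, product) pairs at or above the fixed version
    """
    findings, unknown, current = [], [], []
    for entry in inventory:
        advisory = catalogue.get(entry["product"].lower())
        if advisory is None:
            unknown.append((entry["host"], entry["product"]))
            continue
        if parse_version(entry["version"]) >= parse_version(advisory["fixed_version"]):
            current.append((entry["host"], entry["product"]))
        else:
            findings.append(Finding(entry["host"], entry["product"], entry["version"],
                                    advisory["fixed_version"], advisory["severity"]))
    # Unknown severities sort last rather than crashing the run.
    findings.sort(key=lambda f: (SEVERITY_RANK.get(f.severity, len(SEVERITY_RANK)),
                                 f.product, f.host))
    return findings, unknown, current


if __name__ == "__main__":
    findings, unknown, current = reconcile(INVENTORY, CATALOGUE)
    print("Work list (most severe first):")
    for f in findings:
        print(f"  [{f.severity:8}] {f.host}: {f.product} {f.installed} -> needs {f.fixed}")
    print("Cannot assess (not in catalogue):", unknown)
    print("Verified current:", current)
```

The "unknown" bucket is the point of the article: a product the catalogue knows nothing about is not safe, it is unassessed, and it should be treated as a discovery problem rather than silently dropped from the report.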