The Overwhelming Challenge of Application Visibility

An in-depth look at application vulnerabilities – part three

Missed parts one and two?

Part one: Application Vulnerabilities and Why Companies Leave Themselves Exposed

Part two: Why your IT isn’t as secure as you think

For those companies that understand the scale of the application vulnerability threat, the answer is simple. All it takes is a patch that fixes the vulnerability that attackers could exploit.

Of course, the realities are a little more complicated. Your ability to patch quickly and efficiently is affected by a huge range of different factors.

You need to filter the most critical alerts from the hundreds, or potentially thousands of alerts you receive in a given week. The availability of a patch is largely in the hands of a vendor. You need to find the time to package and deploy the patch as soon as possible. And when you do, you could be interrupting service on critical systems that people rely on to do business.

The scale of the application vulnerability threat is growing rapidly. But with limited time, resources, and knowledge, overcoming it remains a significant challenge.

Mitigation begins with application visibility

It’s tempting to think that the first step in eliminating application vulnerabilities is finding the vulnerabilities themselves. However, most organisations face a more immediate problem – they don’t have complete visibility over their applications.

If you don’t know the software that’s currently in use on your network, you cannot hope to separate vulnerable applications from secure ones.

Today, bring your own device (BYOD) flexibility and remote access make it easy for third-party applications to enter your infrastructure. These are not all games that breach your policy – they may include alternative PDF readers, or useful productivity tools.

It is not their presence that is the problem. It is that administrators are unaware that they exist on the network. As a result, their vulnerabilities are left unchecked. In some cases, known vulnerabilities can remain undetected for months, even years on end. With every day that passes, the likelihood of an attacker exploiting that vulnerability increases.

The first step in improving your response to application vulnerabilities is improving your visibility. To stay secure, you need a deep, detailed insight into the applications that are on your network, how they are typically used, and which assets are the most valuable to your operations.

Next: Part four – The Practicalities of Patching

Written by