Knowledge of the NIST Cybersecurity Framework can’t be overlooked, as it is the backbone for ensuring that the CIA triad (confidentiality, integrity, availability) of cybersecurity is honoured effectively, and for guaranteeing the protection of an organization’s critical infrastructure (Vulnerability Management).
However, a framework is only a framework unless it is properly and effectively implemented, ensuring that vulnerabilities are correctly identified and managed in time to prevent disruption of service. Every aspect of this management follows a due process, also known as a lifecycle, that needs to be properly followed when managing vulnerabilities. This lifecycle is considered the standard in Vulnerability Management and comprises six (6) stages.
Discovery:
The discovery phase usually involves identifying the list of communicating devices on your network or infrastructure. This includes mapping the network layout, nodes, hosts, and other related communicating devices belonging to or running on your organization’s network.
Prioritization:
The name comes from the word priority, or to prioritize.
For example:
If a web server on which your organization’s entire application is hosted fails, this would put the organization’s entire customer base in disarray, compared to when a single on-premises (or cloud) server holding files from internal meetings or memos fails.
Prioritizing mission-critical assets over the others should be duly carried out at this phase. These mission-critical assets should be the first to receive attention during the vulnerability assessment.
Assessment:
The Assessment phase involves employing the expertise of an Offensive Team (Red Team) professional. At this stage, ports, open services, and third-party applications that are installed or running are assessed. The purpose is to identify the ports and services that are vulnerable to malicious attempts.
Reporting:
The reporting phase should be treated with precision and kept straight to the point, as this information reaches upper management and needs utmost clarity for both the technical and non-technical teams reading these reports. The report should include current and trend analysis, along with the remediation plans for the vulnerabilities discovered.
In addition, the ranking of these vulnerabilities should follow the structure of the NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database), with its list of severity ratings.
Remediation:
In the remediation stage, the patching of these critical assets is to be duly (effectively and efficiently) carried out. Remediation should first focus on mission-critical infrastructure with high-severity vulnerabilities, as these are the heart or the backbone of the organization’s business.
Verification:
The verification stage is considered “a re-evaluation or re-assessment” of this critical infrastructure, to ensure that the fix implemented (remediation) is effective and the same vulnerability no longer exists in the infrastructure. Rescanning the assets for the same vulnerability that was remediated is one method of verification. Depending on the organization’s standard, it could be done using automated tools (OpenVAS, Nessus, Nikto, etc.) or by employing the skills of an ethical hacker who can also re-evaluate these vulnerabilities manually.
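As an added example (not part of the original article), here is the six-stage lifecycle reduced to a small Python model: a constructed asset inventory tagged by mission criticality, constructed scan findings with placeholder CVE identifiers and CVSS scores, ranking by the NVD CVSS v3 severity bands, a remediation order that works mission-critical assets first, and a rescan comparison for the verification stage. All assets, findings and scores are made up for illustration.

```python
from dataclasses import dataclass

# NVD qualitative severity bands for CVSS v3.x base scores (upper bound, rating).
NVD_BANDS = ((0.0, "None"), (3.9, "Low"), (6.9, "Medium"), (8.9, "High"), (10.0, "Critical"))
SEVERITY_RANK = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1, "None": 0}

def nvd_severity(cvss: float) -> str:
    """Map a CVSS v3.x base score to the NVD qualitative severity rating."""
    return next(name for upper, name in NVD_BANDS if cvss <= upper)

@dataclass(frozen=True)
class Finding:
    asset: str
    cve: str     # placeholder identifiers below are constructed, not real CVEs
    cvss: float

# Discovery + Prioritization output (constructed): is each asset mission-critical?
ASSETS = {"web-01": True, "fileshare-01": False}

# Assessment results (constructed) before and after the Remediation stage.
SCAN_BEFORE = [
    Finding("fileshare-01", "CVE-0000-0001", 9.8),
    Finding("web-01", "CVE-0000-0002", 7.5),
    Finding("web-01", "CVE-0000-0003", 3.1),
]
SCAN_AFTER = [
    Finding("web-01", "CVE-0000-0003", 3.1),        # the fix did not take
    Finding("fileshare-01", "CVE-0000-0004", 5.3),  # new finding, not a failed fix
]

def remediation_order(findings, assets):
    """Mission-critical assets first, then NVD severity, then raw CVSS score."""
    return sorted(findings, reverse=True,
                  key=lambda f: (assets.get(f.asset, False),
                                 SEVERITY_RANK[nvd_severity(f.cvss)], f.cvss))

def report(findings, assets):
    """Reporting stage: one plain line per finding, in remediation order."""
    return [f"{f.asset:<13} {f.cve:<14} {f.cvss:>4} {nvd_severity(f.cvss)}"
            + ("  MISSION-CRITICAL" if assets.get(f.asset) else "")
            for f in remediation_order(findings, assets)]

def verify(before, after):
    """Verification stage: split a rescan into fixed, still open and newly found."""
    b, a, key = set(before), set(after), lambda f: (f.asset, f.cve)
    return {"fixed": sorted(b - a, key=key), "still_open": sorted(b & a, key=key),
            "new": sorted(a - b, key=key)}

if __name__ == "__main__":
    print("\n".join(report(SCAN_BEFORE, ASSETS)), verify(SCAN_BEFORE, SCAN_AFTER), sep="\n")
```

Note that a finding which appears only in the rescan is reported as new work rather than as a failed remediation, so the verification result feeds straight back into the next discovery and prioritization cycle.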
While the vulnerability management strategy seems to highlight the roles of an Offensive Security Expert, Blue Team Lead, and CISO, it is important to note that these stages are not limited to the knowledge or job roles of the sectors listed here in cybersecurity.
With this being said, we have come to the end of this article, and I hope this quick summary helped you understand “The Six (6) Stages of Vulnerability Management, or The Vulnerability Management Lifecycle.” Thanks for the read.
Share your thoughts on this in the comments section below.