The attacks are all automated; manual ways of ensuring protection are too slow and ineffective.
An organization would want to know its security posture and, out of the myriad issues that are identified, would like to prioritize what to address based on the risk each one poses.
This is a risk-based approach, which is to identify and prioritize the issues to be addressed. This is the optimal use of time and effort. There is still one challenge though. The organization has to fix these issues and validate them, and this is the window that is open to attackers.
This further leads to three challenges:
It is good to have a solution that can identify, prioritize, and auto-remediate. Organizations would want control over the types of issues that can be auto-fixed and over the specific assets involved.
Not all issues can be remediated; some can only be mitigated. For example, a weakness in a web application can only be mitigated by applying a rule on the WAF, and the actual fix would mean fixing the code. Cloud misconfigurations, by contrast, can be remediated.
The fix itself may resolve the security issue, but there may be an impact on the business flow. An open telnet port may be identified as a critical issue and fixed, but some application flow may depend on it, so the fix affects the business. In these cases, one should have the option to roll back the fix until the application flow can be fixed.
A real scenario: a customer has multiple cloud accounts, each with several thousand issues, a portion of them critical. These would take months to fix, and the customer needs expertise in cloud technologies. Auto-remediation would make this job easy. They can either look at the issues and use the system to push the fixes, or configure the system to fix issues automatically once it identifies them. We are talking about only one cloud account here, and they have multiple. Add the organization's other assets, namely servers, applications, and cloud configurations, and auto-remediation is a must.
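The three challenges above can be sketched as one control flow. This is an added illustration, not Seconize's code: an allowlist of issue types per asset class gates unattended fixes, mitigate-only issues are routed separately, and every change is journaled so it can be rolled back. All names, asset IDs, and risk scores are constructed assumptions.

```python
from dataclasses import dataclass, field
# Constructed policy: (asset class, issue type) pairs approved for unattended fixes.
AUTO_FIX_ALLOWED = {("server", "telnet_open"), ("cloud", "public_bucket")}
# Issue types that can only be mitigated (e.g. a WAF rule) until the code is fixed.
MITIGATE_ONLY = {"web_app_weakness"}

@dataclass
class Issue:
    asset: str
    asset_class: str
    issue_type: str
    risk: float         # higher means handle sooner
    setting: str        # configuration key the fix would change
    safe_value: object  # value that closes the issue

@dataclass
class Remediator:
    config: dict                                 # asset -> {setting: value}
    journal: list = field(default_factory=list)  # (asset, setting, previous value)
    def decide(self, issue):
        if issue.issue_type in MITIGATE_ONLY:
            return "mitigate"
        if (issue.asset_class, issue.issue_type) in AUTO_FIX_ALLOWED:
            return "auto_fix"
        return "manual"
    def run(self, issues):  # highest risk first; journal each change before making it
        results = []
        for issue in sorted(issues, key=lambda i: i.risk, reverse=True):
            action = self.decide(issue)
            if action == "auto_fix":
                previous = self.config[issue.asset][issue.setting]
                self.journal.append((issue.asset, issue.setting, previous))
                self.config[issue.asset][issue.setting] = issue.safe_value
            results.append((issue.asset, action))
        return results
    def rollback(self, asset, setting):  # undo the latest journaled change, if any
        for idx in reversed(range(len(self.journal))):
            if self.journal[idx][:2] == (asset, setting):
                self.config[asset][setting] = self.journal.pop(idx)[2]
                return True
        return False

def build_demo():  # constructed sample state and findings
    rem = Remediator({"srv-01": {"telnet": True}, "bucket-a": {"public": True}})
    rows = [("bucket-a", "cloud", "public_bucket", 8.0, "public", False),
            ("shop-app", "application", "web_app_weakness", 9.5, "", None),
            ("srv-01", "server", "telnet_open", 9.1, "telnet", False),
            ("srv-02", "server", "ssh_root_login", 6.0, "root_login", False)]
    return rem, [Issue(*r) for r in rows]
```

Calling `rollback("srv-01", "telnet")` after `run` restores the telnet setting for the dependent application while leaving the bucket fix in place.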
Seconize DeRisk Center is a cloud-based, continuous and contextual RBVM (Risk Based Vulnerability Management) solution, which identifies issues and prioritizes their remediation based on the risk they pose to the organization.
It extends the capability to auto-remediate the issue. Essentially:
One can configure the type of issue on an asset class (server, cloud) that can be auto-remediated,
or can look at the individual issues, understand what the remediation is, and push a button to resolve it.
If there is a business flow impact, one can roll back the fix.
DeRisk Wizard, identify, prioritize and auto-remediate – all in one flow.