Vulnerability Intelligence & 3 rd party patch management

(1)

2013 Secunia Presentation

Vulnerability Intelligence

&

3

rd

_{party patch management}

1 Presented By: William Hamilton Melby

(2)

Company Overview

Brief Secunia facts

(3)

2013 3

Vulnerability Intelligence, Vulnerability Management and Patch

Management for global enterprises, SMBs and private users

Market Focus

The three pillars of our success

World-renowned

Vulnerability

Intelligence

1

Award-winning

Vulnerability

Management

2

Best-in-Class

Patch

Management

3

(4)

Microsoft Alliance Partner

Ongoing collaboration and solutions integration

Because patching non-Microsoft programs is essential to corporate security

Secunia is the first

Vulnerability Security We are also a member of Microsoft’s System Our solutions integrate

(5)

2013 5

Microsoft Alliance Partner

Ongoing collaboration and solutions integration

“With System Center 2012 Configuration Manager,

our customers can empower employee productivity

on a wide range of devices while maintaining

compliance and working to protect company data.”

“With Secunia CSI and System Center 2012

Configuration Manager, our joint customers can

streamline patch management processes and protect

both Microsoft and non-Microsoft applications from

vulnerabilities.

”

(6)

Research Team

The heart and soul of Secunia; the eyes and ears of the industry

One of the largest Vulnerability

Intelligence databases on the

market

• Database contains

vulnerabilities in software products since 2003.

• 48,213+ programs,

applications and plug-ins from thousands of

software vendors.

• Fully CVE compliant. Data is tested and verified by Secunia’s researchers.

• The database is unique to Secunia and is

(7)

(8)

The Highlights

Secunia

Vulnerability

Review 2014

(9)

2014 Secunia Presentation 9

Microsoft programs (including Windows 7) account for 66% of the products in the Top 50, but were only responsible for 24% of the vulnerabilities.

Vendor Update – Top 50 Software Portfolio

Source: “Secunia Vulnerability Review 2014.” https://secunia.com/vulnerability-review/

Operating Systems Microsoft Products Non-Microsoft (Third-party) Programs

(10)

Time to Patch

(11)

2013 11

“Through 2015, 80% of successful attacks

will exploit well-known vulnerabilities and

be detectable via security monitoring.”

- Gartner

Why Are Vulnerabilities Important?

They are the attack vector you should never ignore

(12)

Vulnerabilities in software are used routinely by

cybercriminals as gateways to exploit corporate

networks.

(1)

60% of attacks in 2012 were performed by

commercialized exploit toolkits, sold in the

underground, allowing anyone to become a

cybercriminal.

(2)

Over 65% of the top threats in Q4 2012 used

vulnerabilities to infect machines and perform

malicious activities.

(2)

The Root Cause of Security Issues

In other words: an ‘Access All Areas’ pass for cybercriminals

(13)

2013 13

What You Are up Against

Continual threats on the horizon

“Writing malicious code is no rocket science:

In 2012 a 11-year-old child developed a

Trojan to steal account login information

from online gamers.”

Source: “AVG Community Powered Threat Report.” Q4 2012. AVG http://mediacenter.avg.com/content/dam/mediacenter/threat-reports/AVG%20Threat%20Report%20Q4%202012_FINAL.pdf

(14)

What You Are up Against

Continual threats on the horizon

“(In 2012) There were a surprising

number of major incidents involving

the Conficker worm, despite a patch

being available since 2008.”

(15)

2013 15

The Concept of

(16)

Introduction to the Secunia CSI

Combining scanning and patching to meet the requirements of both IT security and operations

It’s not enough to detect the

vulnerabilities if you can’t

patch them. It’s not enough to

have the patches, if you don’t

know where to apply them.

Secunia CSI gives you the when, the

where, the what and the how:

This combination of vulnerability

intelligence, vulnerability scanning, patch creation and patch deployment is unique

(17)

2013 17

Value Proposition

Our foundation stone for the proactive detection and remediation of vulnerabilities

(18)

Management

Comply with regulatory standards (e.g. PCI-DSS or NERC-CIP) regarding the patching of programs.

Utilize your existing infrastructure to enforce security levels, i.e. Microsoft System Center 2012.

Enable policy enforcement and document your compliance efforts in the case of a breach.

Operations

An overview of the security state of all programs installed across endpoints and servers for effective prioritization of patching efforts.

Cross-platform scanning and patching of non-Microsoft programs.

Automatic package creation, plus access to out-of-the-box packages.

Security

Pinpoint the exact vulnerabilities affecting your network and

CSI Key Takeaways

(19)

2013 19

What Best Practice Patch Management Offers

The wisdom and agility to tackle oncoming threats – and a strengthened security posture

Automatic identification of vulnerabilities in networks

across endpoints and servers, grouped according to threat criticality.

Streamlined patching efforts according to risk exposure,

mitigation and compliance standards.

Optimized workflow and remediation process through

integration with patch deployment tools and automatic patch repackaging.

A complete, real-time overview of installation and the security state of all installed programs (both Microsoft and non-Microsoft).

Multi-platform approach: Windows, Mac OS and Red

Hat Linux are all catered for.

Simplified patching of non-Microsoft programs

through existing patch deployment tools (Microsoft System Center 2012, WSUS, Altiris).

Off-site assets secured by managing threats from

endpoints not under the direct control of your corporate network

(20)

(21)

2013 21

How We Compare to Other Vendors

Company Vulnerability Assessment Vulnerability Scanning Patch Management Observations

Complete patch management solution: (VI+VS+PC+PD=PM)

In-house research team (verified intelligence) Largest coverage of third-party programs Non-intrusive scanning technology

Market leadership: Clear differentiation

Best-in-class solution for medium-sized organizations and enterprises

Vulnerability coverage: +48k Patch library: +350 Programs covered: +25k

A comparative sample of typical vendors

Typical Patch

Management vendor

x



Patch Manager integration restricted to Microsoft System Center/WSUS

Coverage of third-party programs: 20-30 vendors only

No in-house research team

No scanning capabilities – reliance on information released by vendors, therefore offering limited accuracy

Offers only pre-packaged updates, which might result in incompatibility with IT environments and unsuitability to more complex network structures Cumbersome installation not designed for enterprises and scalability requires additional resources

Typical Vulnerability

Management vendor



x

Probe-based scanning only. Low Windows third-party detection coverage

No patching capability; only remediation advice and management features are provided

High technical knowhow required for deployment and utilization – very intrusive

(22)

Q&A

Stay Secure

www.secunia.com

Secunia

Mikado House, Rued Langgaards Vej 8, 4th floor DK-2300 Copenhagen S

Denmark

Secunia Inc.

Lake Calhoun Business Center, Suite 420 3033 Excelsior Boulevard