Why vulnerability scans give infosec officers nightmares


by Duncan MacRae| 18 February 2014

Ron Gula, Tenable Network Security CEO, says organisations are turning to continuous monitoring to close the gaps left by traditional vulnerability management.

Traditional vulnerability management solutions are unnecessarily exposing most to security threats that could be mitigated through continuous monitoring (CM), a study has found.

Tenable Network Security, a specialist in real-time vulnerability and threat management, came to the conclusion in its new report, 'Close the Gaps Left by Traditional Vulnerability Management Through Continuous Monitoring', conducted by Forrester Consulting.

CM, the roots of which lie with the US government, addresses many of the challenges faced by traditional vulnerability management solutions and offers CISOs and security leaders across sectors a near real-time view into the security posture of their respective institutions.

The survey found that organisations that implemented continuous monitoring are more than twice as likely to be satisfied with their vulnerability management approach compared to those who use periodic scanning. Additionally, Forrester asked the 45% of respondents who had adopted CM to explain the benefits.

They said that continuous monitoring:

- Benefits all stages of vulnerability management
- Benefits all verticals
- Better equips organisations to deal with a mobile workforce
- Benefits those with a risk focused VM program the most
- Satisfies the CISO more than any other role

Consumerisation, mobility, and cloud are the hallmarks of the extended enterprise and periodic snapshot vulnerability scanning cannot effectively address the dynamic nature of today's extended enterprise environments. While this has catapulted vulnerability management as one of the top concerns for organisations - 86% of respondents rate it as their second highest IT security priority for the next 12 months - they remain concerned with effectively lowering their organisation's risk of compromise. Specifically, organisations struggle to establish effective vulnerability management practices, leaving them exposed to attacks.

Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

714 people like this.
1520 people follow this.

Malware Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.