“En Garde…Thrust…Parry…Riposte” For those of you who either are a fan of swordplay, or have seen at least one Errol Flynn movie, you will recognize these terms from Fencing. While I have never fenced in my life, I do have a solid understanding of the back and forth nature of conflict. Many moons ago, I enjoyed training in mixed martial arts and experienced it firsthand. For every offensive move, a defensive move must parry the attack. Security in many respects is a constant series of clashes.
Based on experiences early in my career, I always view security in terms of “Security of Inclusion” and “Security of Exclusion”. “Security of Inclusion” represents letting the good guys in to what is necessary based on business requirements. “Security of Exclusion” represents keeping the bad guys out and all of the mechanisms to defend and respond to attacks. These two worlds naturally have a certain tension – open, shared environments vs. closed, secured environments. Security teams always look to achieve balance between guarding the doors while allowing ease of access.
The war on the “Exclusion” side is an even more pronounced battle as defenders and adversaries are in constant state of thrust, parry and riposte. Adversaries have a growing arsenal of tools – phishing, zero days, drive-bys and so on – that provide ample ways to sharpen their rapier. Defenders in turn need to hone their sabres. Such is the life of a security professional. It is a war of attrition and tools for the defenders must continue to evolve – refining the blade, so to speak. Much of the conversation on the “Exclusion” side is being driven by the wide variety of threats organizations face. Gartner recently released some excellent research on Vulnerability Risk, Threat Intelligence and Threat Assessment which highlight the ongoing need to bolster processes that understand where the organization is vulnerable and what types of threats are the most dangerous. This is just one example of views across the industry advocating a continued evolution of threat and vulnerability management within an organization today.
I have blogged about Vulnerability Risk Management in the past. Most recently, I highlighted how RSA Archer’s Vulnerability Risk Management assists customers in identifying Heartbleed vulnerable systems. I am pleased to share with you that the latest release for RSA Vulnerability Risk Management (VRM) is now being showcased at the RSA Archer Summit 2014, starting today. The new features of RSA VRM expand the coverage of vulnerability scanners with addition of support for Rapid7 & Nessus (Tenable) scanners. In addition, customers will have more flexibility to integrate a scanner of their choice by making use of generic XML scanner interface. Vulnerability Management is a key part of the security arsenal and the sharper it is, the more prepared an organization is to repel an attack. RSA VRM provides an organization with a single pane of glass to collect, analyze, prioritize and track remediation of vulnerabilities identified during scanning processes. Like a well rehearsed parry, identifying and closing vulnerabilities in a timely fashion is an absolute must for organization’s fending off the thrust of today’s adversaries.
