Keeping track of the changing threat and vulnerability picture is a challenge for any security or network administration team. Threats change because of the constant efforts of Bad Actors who actively seek to exploit known vulnerabilities and to discover new ones. Vulnerabilities change because of changes in software versions, installation of new hardware or new firmware, installation of new software patches, and changes in network topology.

RedSeal Systems recently published a short white paper entitled “Does the pace of business change create ‘holes’ in your security?” which, refreshingly, is available without registration. The authors discuss three major categories that can affect security:

• “Business drivers: Mergers & Acquisition, Business Project Pilots, Project & Service Outsourcing
• Regulatory/Compliance Mandates: Payment Card Industry Data Security Standards (PCI DSS), Sarbanes Oxley, HIPPA and other industry mandates
• New emerging technology adoption: Wireless services (e.g. Wi-Fi), Virtualization, Hosted Applications, Cloud computing”

The authors continue:

“Typically these changes also involve organizational changes. It is inevitable that change in the business and organization drive networks to constantly adapt. While being bombarded with competing demands, most organizations are in reactive fire fighting mode. With limited available resources, most businesses fail to integrate a security risk management process when making changes to the network. The disparate nature of various teams managing different aspects of the network aggravates this security risk environment across the enterprise. This often translates into unintentional security holes, defects and vulnerabilities, exposing the entire business and key stakeholders to high risk and in many instances, gross violation of compliance mandates.”

Readers may find the “short product tour” interesting; in about seven minutes, the well-modulated voice of the speaker discusses the functionality of the RedSeal Security Risk Manager (RedSeal SRM).

RedSeal SRM has three major components: map, measure and mitigate.

The map function audits the network infrastructure, including configuration and topology for all firewalls, servers, routers and other components; configurations can be imported manually or automatically. RedSeal SRM generates a network map that can be exported for further use. The vulnerability analysis at this phase produces reports on a wide range of violations of security best practices. The best practices standards “are compiled from third-party vendors, security firms, and RedSeal security research team.” Reports can show the audit in a variety of ways, such as by device or by type of failure.

M. E. Kabay, PhD, CISSP-ISSMP, is Program Director of the Master of Science in Information Assurance program at Norwich University.