Is Vulnerability Management Necessary?
No single security solution can make a network safe from all attacks. Firewalls and IPS can't keep workstations free of viruses and malware. Antivirus can't protect the data on a database server. So it's a matter of balancing multiple solutions. To understand how these solutions complement each other, let's look at some of the most common security solutions (this is only a partial list).
These solutions focus on the attack itself, by preventing unauthorized access to network assets.
Attackers are looking for network weaknesses, and these solutions focus on finding the weaknesses first and fixing them.
Attacks resulting in data loss are usually performed by exploiting known and well-documented security vulnerabilities in software, network infrastructure, servers, workstations, phone systems, printers and employee devices.
Security flaws are constantly addressed by the vendors, who issue security patches and updates on an ongoing basis. Even in modest-size networks, making sure that all assets are running all the security patches can be a nightmare. A single host that is missing patches or that didn't get patches installed correctly can compromise the security of the network.
There are degrees of compromise, as not all vulnerabilities are created equal and not all assets are of equal importance or are equally available to a hacker's access. That is where good management comes in. No security effort has an unlimited budget, so vulnerability management helps focus the available resources on the most serious issues that exist at any one moment.
Omitting Vulnerability Management is like securing your house with a sophisticated alarm system but without locking every door and window before going on vacation. This is a vast oversimplification because networks have many hosts and each one of them has dozens of potential issues.
Every known peripheral (packet watching) security solution can be avoided under the right circumstances, but with proper vulnerability management in place, such as AVDS, the attacker who gains admittance to the network will not find internal weaknesses to take advantage of. Here are some examples:
It is important to understand that all the perimeter security solutions can be bypassed under relatively common circumstances. Those circumstances include incomplete or improper installation or settings.
Thus, only by hardening each individual network asset can network security be improved with confidence.