Reduce your odds of needing incident response
- Feb 07, 2013
- Guest Author
It has been hard to keep up with my news alert due to all the IT security headlines. “Hackers in China Attacked The Times for Last 4 Months” in the New York Times, and “Chinese Hackers Hit U.S. Media” in The Wall Street Journal.
Although unfortunate and painful for the companies involved, high-profile security attacks and breaches are positive for the industry overall from the perspective of increasing the awareness and education of the need to employ an ongoing process to stay secure. What does surprise me is that “incident response” (AKA: fire extinguishers) are viewed as such a sexy object. The fact is that, although much more mundane, a proactive approach to vulnerability risk management is the true supermodel when it comes to addressing risk.
NopSec’s CTO, Michelangelo Sidagni, an expert with nearly 20 years’ experience in the IT security space has a favorite and often used statement. “Not all vulnerabilities are created equal. The important ones are exploitable.” That may appear obvious to us in the IT security and vulnerability industry but has striking similarity to the adage, “Common knowledge is not common.”
Unified VRM, has its roots in hacker penetration testing and has evolved to become a system to manage security vulnerabilities proactively. One of our customers in the banking industry recently told me why they love our product. “The bad guys are relentless and systematic in their approach and Unified VRM ensures that we are too.”
And remember, fire extinguishers leave a messy and costly cleanup.
Learn more about NopSec’s approach to penetration testing and the methodology we use to secure applications and infrastructure from security breaches. Download our Best Practices Guide: Penetration Testing.