SANS Critical Control 8 and 9: Data Recovery Capability & Security Skill Assessment
- Jul 05, 2013
- Michelangelo Sidagni
In this post of the SANS Critical Controls series I comment on two controls that at first glance might not seem to fit Unified VRM's capabilities. But think again.
SANS Critical Control 8 covers an organization's data recovery capability: the availability component of security that comes into play after a breach, when the organization needs to restore its systems to their previous state. Note that a restore from backup brings back the same unpatched state the attacker exploited, which is where vulnerability management enters the recovery picture.
Unified VRM deals with the vulnerability management component of security, so at first glance it might seem unrelated to availability. However, Unified VRM can help with this task in two ways:
SANS Critical Control 9 covers an organization's ongoing security training and security skill assessment. Skill improvement is key for an organization that is serious about fighting the latest threats, as attackers become more and more technically sophisticated.
Unified VRM helps this process by automating the most challenging part of vulnerability management: evaluating the vulnerabilities that have been discovered. Through its patent-pending artificial intelligence engine, Unified VRM augments the skills of the enterprise's vulnerability management group by automating the criteria an expert penetration tester would apply when evaluating discovered vulnerabilities. The automated expert engine analyzes each discovered vulnerability under four criteria:
The expert engine evaluates vulnerabilities within domains corresponding to each of the Unified VRM modules (external, internal, wireless and web application), so that the knowledge base can also be tailored to each domain's specific risks.
The expert engine also compares the reported vulnerabilities against industry-vertical averages, giving the organization a comparative view of its vulnerability management statistics relative to its peers.