DevOpS and Remediation Task Management
Lately a lot of attention has been directed towards the “DevOps” or “SecOps” disciplines and for good reasons. According to Wikipedia here, “DevOps” can be defined as: “a software development method that stresses communication, collaboration, integration, automation, and measurement of cooperation between sofware developers and other information technology professionals. DevOps acknowledges the interdependence of software development, quality assurance, and IT operations, and aims to help an organization rapidly produce software products and services and to improve operations performance.
DevOps also describe the interdependecies between security and other part of the IT organization such as the development team and / or the sysadmin group. This interdepency is called “SecOps”.
One of the most important function of the security group is vulnerability management, the activity aimed at detecting, prioritizing and remediating software vulnerabilities in infrastructure and applications. Most of the security professionals know that is one thing to find vulnerabilities and the other successfully prioritizing and remediating them, since this task involves working with other IT groups such as the app developers and the sysadmin / netadmin groups. So more policy boundaries to cross.
One of the many suggestions our customers gave us about our solution Unified VRM, is that it is hard for developers / sysadmins to work with single tickets representing one vulnerability affecting one single asset. Those groups work with tasks, aggregating for example several tickets related to one asset group or one specific vulnerability under a specific task. The tasks can then be managed moving the cards from different “lanes” based on their statuses as “to do”, “in progress”, “done, to be verified” and “verified”. The “Verified” column is only reserved for tasks where all the tickets have been closed / remediated manually and then verified by a recurring / subsequent vulnerability scan.
We listened and we created the “Task management” tab of remediation, aka the “Kanban board”. We are very proud of this you addition to Unified VRM as it allows the security department to assign tickets to specific tasks and specific people. It also allow the Devops or the SysAdmin group to manage their tasks until completion and verification, accomplished through a subsequent scan. This ultimately fosters collaboration among IT departments in remediating security vulnerabilities, one of the most difficult result to be accomplished in vulnerability management.
As usual, I provide a brief video showing Unified VRM interface using the Kanban board and Task Management functionalities.