Rule-Driven Profiling: A Next-Generation Approach to Vulnerability Discovery

Apr 03, 2013

Vulnerability scanning, or the process of identifying a list of known security gaps in the network environment, is the focal point for most enterprise vulnerability management programs. Before any action can be taken to assess risks or prioritize vulnerabilities for remediation, you have to know the extent of your vulnerability challenge.

The use of vulnerability scanners as security assessment tools is nearly ubiquitous in large organizations. Regular network scans are recommended by security industry best practices and required by numerous regulations. However, as network infrastructures have grown more complex and identified vulnerabilities have multiplied, the effectiveness of vulnerability scanning as a security management tool has declined.

In a June 2012 Skybox Security survey, enterprise IT personnel reported several major challenges that limited their use of traditional active vulnerability scanning. Respondents indicated that there were concerns about disrupting critical business services due to the active probing of hosts; some hosts were not scannable due to their system characteristics or other factors; and security teams were often unable to keep up with the amount of analysis and remediation work necessary to resolve found issues.

This white paper reviews Skybox's new approach to vulnerability discovery:

• Finding vulnerabilities without an active scan
• Vulnerability discovery with Rule-Driven Profiling
• Data sources for product profiling
• Key benefits of Rule-Driven Profiling
• Mixing Rule-Driven Profiling and traditional active scanning


Skybox Security