{"id":5293,"date":"2019-06-07T18:58:58","date_gmt":"2019-06-07T17:58:58","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5293"},"modified":"2021-07-12T14:23:03","modified_gmt":"2021-07-12T13:23:03","slug":"vulnerability-management-best-practices","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/pt-br\/blog\/vulnerability-management-best-practices","title":{"rendered":"Vulnerability Management Best Practices"},"content":{"rendered":"

In 2018, network vulnerabilities accounted for\u00a081% of all company security breaches<\/a>. On top of that, it takes on average up to 69 days to patch a critical web application vulnerability and 65 days to patch a similar vulnerability for an internal network. In this context, it would be safe to say that strong vulnerability management is one of the most important cybersecurity measures for managed services providers (MSPs) to implement for their customers.<\/p>\n

Implementing new vulnerability management systems can be a challenge. There are many moving parts, from technical processes to policy implementation. By using the vulnerability lifecycle model as a roadmap, you can implement vulnerability management best practices to protect your customers\u2019 networks from emerging security threats.<\/p>\n

What is vulnerability and patch management?<\/b><\/h3>\n

Vulnerability management is the practice of identifying, mitigating, and repairing network vulnerabilities. Organizations use vulnerability management as a proactive process to improve security in company applications, software, and computer networks. When implemented well, vulnerability management can help an organization be significantly safer from security breaches and data theft.<\/p>\n

Similarly, patch management is the deployment of a computing patch to repair a network vulnerability. A patch is a set of changes made to a program that is designed to update, fix, or improve its functionality. Handling this process well is crucial, as over 80% of security breaches are a result of\u00a0poor patch management<\/a>.<\/p>\n

Before jumping into the specifics of vulnerability management and best practices, it\u2019s important to understand the distinctions between vulnerabilities and security risks, since the terms are often conflated. A security risk describes the potential for loss, damage, or destruction of an asset. A vulnerability describes a specific weakness an attacker can exploit to perform unauthorized actions within a computer system. Although risks take vulnerabilities into account (and evaluate them alongside threats and assets), they are not one and the same. Understanding this difference, and explaining it to your customers, is the first step in improving security practices.<\/p>\n

Other important terms to understand in this area of cybersecurity are threats and assets.<\/p>\n

Assets are usually intellectual property, information, and sometimes people\u2014any item that can be assigned a value. Sometimes these are intangible things like a person\u2019s reputation or proprietary information. Generally,\u00a0customer assets\u00a0<\/a>may be things like databases, software code, or important company records. Likewise, threats can be described as anything that can exploit a vulnerability and obtain or damage one of these assets.<\/p>\n

What is the vulnerability management lifecycle?<\/b><\/h3>\n

The vulnerability management lifecycle describes the specific steps that need to be continually addressed in vulnerability management. Specifics will vary from organization to organization but there are several elements that will be relevant and useful for most MSPs:<\/p>\n