Patching and remediation

Security teams today are overwhelmed by fragmented data, inconsistent tagging, and the manual burden of translating findings into fixes.

A new release of the Seemplicity platform introduces an AI Insights feature along with Detailed Remediation Steps, and Smart Tagging and Scoping, three new capabilities that use AI to solve some of the most painful and time-consuming cybersecurity tasks.

A new Cloud Risk Exposure Impact Report from ZEST Security shows that 62 percent of incidents are directly related to risks the security team had previously identified, researched fixes for, and had open tickets for remediation in the backlog.

The survey of over 150 security decision makers working in large US enterprises reveals that it takes 10 times longer to remediate vulnerabilities than it takes for attackers to exploit them, highlighting a significant advantage for attackers.

A newly-released report from Swimlane shows that a worrying 68 percent of organizations say remediating a critical vulnerability takes them more than 24 hours.

The survey of 500 cybersecurity decision-makers across the US and UK reveals that 37 percent cite the top challenge in prioritization as a lack of context or accurate information. Similarly, 35 percent report this lack of context hampers their remediation efforts.

Bulk remediation in Google Shared Drives can be useful in removing unneeded permissions, revoking expired access and ensuring that data remains secure.

But it can also present significant challenges due to the complex nature of managing permissions across a large number of files and users. Administrators face the difficulty of ensuring accurate and appropriate access levels for each file and user.

Remediating security issues and potential software vulnerabilities is one of the fastest ways to improve security and prevent attacks. It’s a standard process for security teams, and it should make the job easier for everyone involved. Yet many of the security issues that we see exploited remain known software vulnerabilities -- in Qualys' Top 20 Security Vulnerability Research this year, the top five most common exploits include a privilege escalation issue in the Zerologon protocol, remote code execution (RCE) problems in Microsoft Office and Wordpad from 2017 and even an RCE with Microsoft Windows Common Controls from 2012. These issues still exist, and have been targeted by threat actors this year.

So why are these old problems still present in production systems years after patches have been released, and why have they not been fixed? What is holding IT teams back around this backlog of vulnerabilities, and how can teams improve their processes to get ahead of these problems in future?