Cyber risk trends for small and medium businesses. Read More
The CyberWire
The all in one place for non-profit security aid.
How IT teams can conduct a vulnerability assessment for third-party applications
Google Chrome, Adobe Acrobat Reader, TeamViewer, you name it—there’s no shortage of third-party apps that IT teams need to constantly check for vulnerabilities. But to get a better picture of the problem, let’s bust out some napkin math.
The average company uses about 200 applications overall. Assuming at least 75% of these have a vulnerability at any given time, small security teams are tasked with finding and prioritizing over 150 vulnerabilities on a rolling basis.
If you’re not using a comprehensive tool like ThreatDown Vulnerability Assessment (free for all ThreatDown users), it’s going to take a solid combo of resourcefulness and patience to do that much vulnerability assessment on your own.
With that in mind, we’ve compiled this list of the five things IT teams need to do in order to find vulnerabilities in their environment.
The crucial first step involves cataloging every application within the IT environment. This foundational task, akin to a thorough inventory check, is essential for identifying potential security issues.
It’s not just about identifying the applications but also understanding their versions.
Why? Because you’re not just looking for vulnerabilities in one version of 7-Zip; to see if you’re truly affected, you’ll need to match your list of applications against vulnerabilities across different versions, such as 3.5 or 3.7.4. Not to mention that if your organization’s workforce doesn’t require regular updates of important software, then you might find countless versions of the same app dating back to the longest-term employees.
Matching the cataloged applications and their versions against entries in Common Vulnerabilities and Exposures (CVE) databases is the next critical step. This process helps in pinpointing specific vulnerabilities applicable to the software in use.
Here’s the play-by-play:
Go to https://cve.mitre.org/cve/search_cve_list.html
Type in the application you want vulnerability info on in the search bar.
Pinpoint whether the vulnerability impacts the specific version of the software that’s present throughout your network.
Rinse and repeat.
This type of repetitive, sometimes monotonous work isn’t just about identifying a CVE—it’s also about determining its severity. After identifying potential vulnerabilities, the next challenge is to prioritize them by CVSS and by asking questions that should inform you and your team about the best response. This includes questions like:
Is the vulnerability being actively exploited in the wild?
Is the CVE impacting critical tools or areas?
How important is the affected asset in maintaining operational continuity?
Remember, this is not a one-time task. You don’t just run vulnerability assessment once a year, or even once a month; you should be doing this on a daily basis. Why? Because every day counts. New CVEs are constantly popping into existence left and right, and if you’re not on top of them, you could be the target of an attack.
For teams seeking a more streamlined approach, the ThreatDown Vulnerability Assessment tool offers a solution.
To simplify security and reduce costs, Vulnerability Assessment deploys easily in minutes without a reboot, using the same agent and cloud-based console that powers all ThreatDown endpoint security technologies.
Identifies vulnerabilities in modern and legacy applications in less than a minute.
Utilizes the Common Vulnerability Scoring System (CVSS) and Cybersecurity and Infrastructure Security Agency (CISA) recommendations to evaluate and rank vulnerabilities for proper prioritization.
Our Security Advisor tool to analyzes an organization’s cybersecurity health—such as by assessment of current inventory and which assets are vulnerable—and generates a score based off what it finds. To improve the endpoint security health score, Security Advisor delivers recommendations to address discovered vulnerabilities: patching, updates, or policy changes.
While manually identifying vulnerabilities in third-party applications is a demanding task, following these structured steps can make the process more manageable. However, for ThreatDown customers, the ThreatDown Vulnerability Assessment tool is a valuable alternative.
The ThreatDown Vulnerability Assessment tool simplifies the process with features like a lightweight agent, quick vulnerability scans, accurate severity ratings based on CVSS and CISA guidelines, and integration with Security Advisor for tailored recommendations.
Try ThreatDown Vulnerability Assessment today.
Interested in adding Patch Management capabilities as well? Check out our Advanced, Ultimate, and Elite Bundles.
Malwarebytes
Atlassian patches critical Confluence zero-day exploited in attacks
Australian software company Atlassian released emergency security updates to fix a maximum severity zero-day vulnerability in its Confluence Data Center and Server software, which has been exploited in attacks. […] Read More
BleepingComputer