Deploying Vulnerability Management with QualysGuard
Tom - Creed
White Paper: Deployment of Vulnerability Management
Host Integrity Systems
April 2013

© 2013 Host Integrity Systems, Inc. VMS All rights reserved. Host Integrity Systems and the Host Integrity Systems logo are service marks of Host Integrity Systems, Inc. All other trademarks are the property of their respective owners.

Classification: //Host Integrity Systems/Confidential - Limited External Distribution. Any unauthorized review, use, disclosure or distribution is prohibited.

For the full content of this white paper, contact: info@viateres.com OR info@hostintegritysystems.com

Table of Contents

INTRODUCTION
THE IT SECURITY AND VM CHALLENGE
IT SECURITY PROCESSES AND INTEGRATION OBJECTIVES
THE QUALYSGUARD BENEFIT
    QualysGuard UI
THE DEVELOPMENT PROCESS
    Deliverables
THE VM PROCESS
IT INTERFACES AND INTEGRATIONS
    Authoritative Data Sources
QUALYSGUARD VM SERVICE CONFIGURATION
    Other Configuration Items
CO-MANAGED VM SERVICE
CONCLUSION

Introduction

IT Vulnerability Management (VM) is one of the key functions within enterprise IT Security. VM monitors and mitigates certain risk vectors affecting the integrity, performance, and purposeful application of IT computing and communication facilities to proprietary operation of the business. Some level of VM is applicable to IT Security within almost every size and type of organization.

This VM solution overview focuses on an architecture and implementation that integrates external vulnerability assessment services, internal IT computing facilities systems management, and internal IT process-aligned vulnerability monitoring and remediation management. The overall strategy for VM design and implementation is centered around Collaboration, Integration and Automation.

The characteristic challenges of this IT environment and the benefits of the designed solution are:

- Large enterprise with many data centers and thousands of IT deployment sites in a multi-national scope.
- Significant internal and external pressures to reduce IT operational costs.
- Use of a leading vulnerability assessment service (QualysGuard) for features, ease of deployment, and support.
- Interoperation with existing platform management systems (server, desktop, infrastructure).
- VM process integration and IT process alignment via a rich user interface automation system.

The described VM solution allows the IT department to deliver expected levels of IT risk management, regulatory compliance, and cost effectiveness to the business.

The IT Security and VM Challenge

Organizations of every size and in every business environment face some common IT Security challenges in terms of operational needs, threats, and resources:

1. Need for reliable, highly available, secure transaction capabilities for communication and commerce. Customers, business partners, and governments universally demand this.
2. An almost infinite variety and behavior of IT platforms, communication protocols, applications, system configurations, and use modes.
3. Rapidly and constantly evolving technology and threat profiles coupled with the variable landscape of defensible entry points and perimeters.
4. Specific business sector and customer community requirements. Example: Payment Card Industry (PCI) Data Security Standards (DSS) compliance. The PCI Security Standards Council provides guidance for technology and process to meet requirements for secure and reliable financial transactions.

And, finally, IT Security challenges must be addressed with solutions that integrate and support cost effective (profitable) business operations, flexibility, continuity contingencies, and value offered in the market.

The IT Security solution set most effectively comes together as an organically engineered and deployed IT Security ecosystem aligned and integrated with overall enterprise IT and business operations. Vulnerability Management and its associated technology enablers (automation) is one very key facet of the IT Security solution set. VM automation must be rationalized within enterprise IT operations and integrated into the IT Security ecosystem; see Figure 1.

Figure 1 - IT Security Ecosystem

Within the context of the IT Security challenges mentioned above and the goal of engineering a VM component for the IT Security Ecosystem, we rely on a strategy that combines Collaboration, Integration and Automation (CIA). The CIA approach to VM is further detailed in the following sections.

IT Security Processes and Integration Objectives

Contemporary business environments are highly competitive, with significant cost pressure that trickles down to almost every internal function and department. This, coupled with the multi-faceted, ever-evolving demands on the IT department, leads to some evident requirements for design, deployment, and functionality of the VM sub-function within IT Security. The CIA approach to VM will specifically address these:

1) Collaboration
IT staff must be able to use and maintain the VM solution without additional specialized personnel or resources. This boils down to a balance of head count / labor cost, staff tasking load, competency, and availability + flexibility. A beneficial tactic to achieve the balance is to uplift IT staff capability and effectiveness via expertise of an IT Security partner coupled with integration and automation; C+IA.

2) Integration
Integrate with and leverage existing IT processes and functions. Maximize use of existing IT computing platforms and services while minimizing implementation of new -off; and some IT Security infrastructure (VM automation) is necessary fo architectures and processes conforming to and complementing the existing IT environment will achieve the desired balance; C+I+A.

3) Automation
Vulnerability problems are often long standing and are certainly ever growing, so a robust VM solution was needed yesterday. We must minimize time to design and implement with an eye to effectively supporting the other two legs of the CIA approach. begin detecting and remediating vulnerabilities real soon. Employing optimal commercial IT security technology is a preferred tactic to minimize time to design & deploy as well as being a capability multiplier for IT staff and processes; CI+A.

Thus, Collaboration, Integration and Automation is the correct approach to leveraging and enabling people + process + technology:

................... snip ......................

The VM Process

The VM solution is a composite mechanism centered around the QualysGuard vulnerability assessment and reporting automation tool. Key integrations (inputs, outputs, feedback) with other IT systems and tools make the overall VM solution a semi-automated (low hands-on requirements), daily-use tool contributing to IT security awareness and risk reduction.

Figure 4 - QualysGuard VM Process

IT Interfaces and Integrations

An effective VM solution for the enterprise requires careful consideration of interfaces and integrations with other IT processes and systems. The key systems and interfaces must be identified, accommodated, and usefully leveraged where possible. This VM solution references important IT interfaces as shown in Figure 5.

Figure 5 - VM Interfaces & Coordinations

Authoritative Data Sources

Table 2 shows the type of authoritative data sources useful for development and maintenance of QualysGuard (QG) assessment mapping, concurrency with IT network deployment, regulatory reporting, and other business operations needs.

Table 2 - Authoritative Data Sources

The results of QG map scans of the enterprise IP ranges, as well as results from periodic QG asset group scans, offer opportunities to compare discovered hosts and sub-networks with the corresponding known information in the authoritative data sources. Where there are discrepancies between the QG discoveries and the authoritative data sources, a feedback of corrective updates to the authoritative data sources can be implemented. Over time and with consistent use of QG, enterprise IT asset and network information can be well refined by the interoperation and feedback loop. QG will increasingly be relied upon as the ground truth, while the complementary IT authoritative data sources will become correspondingly reliable due to the corrective feedback.

Figure 6 illustrates the overall operational Vulnerability Assessment process with integrations (inputs, outputs, feedback) to other IT systems. Most stages of this process are directed by asset groups, which define the vulnerability scan targets as well as the reporting scope.
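
The comparison of QG discoveries with the authoritative data sources described above can be sketched as follows. This is an added example, not code from the white paper or from Qualys: it assumes scan results have been exported to simple records, and all field names, addresses and host names are constructed.

```python
import ipaddress

# Constructed sample data; field names and values are assumptions for this
# example and do not reflect QualysGuard's actual report format.
SCAN_SCOPE = ["10.10.0.0/24", "10.30.1.0/24"]      # ranges the map scan covered
KNOWN_SUBNETS = ["10.10.0.0/24", "10.20.0.0/24"]   # from the network inventory
KNOWN_HOSTS = {                                    # from the asset inventory
    "10.10.0.5": "db01.corp.example",
    "10.10.0.9": "app03.corp.example",
    "10.10.0.31": "print02.corp.example",
    "10.20.0.14": "pos-0042-a.corp.example",
}
DISCOVERED = [
    {"ip": "10.10.0.5", "hostname": "db01.corp.example"},
    {"ip": "10.10.0.9", "hostname": "APP07.corp.example"},    # name drift
    {"ip": "10.10.0.77", "hostname": ""},                     # unrecorded host
    {"ip": "10.30.1.20", "hostname": "lab-nas.corp.example"}, # unrecorded subnet
]


def _in_any(ip, networks):
    """True if the address falls inside any of the given networks."""
    return any(ip in net for net in networks)


def reconcile(discovered, known_hosts, known_subnets, scan_scope):
    """Return proposed inventory corrections as (finding, ip, detail) tuples."""
    subnets = [ipaddress.ip_network(c) for c in known_subnets]
    scope = [ipaddress.ip_network(c) for c in scan_scope]
    known = {ipaddress.ip_address(k): v.lower() for k, v in known_hosts.items()}
    findings, seen = [], set()

    for rec in discovered:
        ip = ipaddress.ip_address(rec["ip"])
        name = rec.get("hostname", "").lower()
        seen.add(ip)
        if not _in_any(ip, subnets):
            # Live host in a range the network inventory does not list.
            findings.append(("unknown_subnet", ip, name or "no name resolved"))
        elif ip not in known:
            # Known subnet, but no asset record for this address.
            findings.append(("unknown_host", ip, name or "no name resolved"))
        elif name and name != known[ip]:
            findings.append(("hostname_mismatch", ip, f"{known[ip]} -> {name}"))

    # A record is only a stale candidate if its address was actually in scan
    # scope; hosts outside the scanned ranges say nothing about the inventory.
    for ip, name in known.items():
        if ip not in seen and _in_any(ip, scope):
            findings.append(("not_discovered", ip, name))

    return sorted(findings, key=lambda f: (f[0], f[1].version, int(f[1])))


if __name__ == "__main__":
    for finding, ip, detail in reconcile(
        DISCOVERED, KNOWN_HOSTS, KNOWN_SUBNETS, SCAN_SCOPE
    ):
        print(f"{finding:18} {ip!s:12} {detail}")
```

A `not_discovered` finding is a prompt for review rather than an automatic deletion, since a host may simply have been powered off or filtered during the scan.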

Figure 6 - VM Process Cycle

QualysGuard VM Service Configuration

The QualysGuard VM service uses various configuration data sets to produce the operational behavior needed in the VM solution. These are generally items created once by the VM solution administrator(s) or products of the QualysGuard operations themselves. All of this information is both used by QualysGuard and reviewed and tuned by the VM solution administrator(s) during continuing operational activities. lists these QualysGuard configuration data sets.

................... snip ......................