November 7, 2022
Vulnerability management is the continuous process of detecting and remediating known vulnerabilities that could be a threat and pose a risk for your environment. These vulnerabilities are discovered by vendors themselves, and require organizations to patch their environments before any cyber attack happens. Vulnerability management calls for a more proactive approach—to identify vulnerabilities as soon as they are uploaded in vendor databases. You can view known vulnerabilities in many public sources, such as the National Vulnerability Database (NVD) or vendor databases, where they are freely available. Additionally, several vendors offer access to private vulnerability databases via paid subscription.
There are too many vulnerabilities to track manually and the window between disclosure and exploit is too short. Bad actors will always want to exploit vulnerabilities and attack a workstation or server, and detecting vulnerabilities after exploitation is a reactive process which puts your sensitive data at risk. Once malicious actors have a gateway in the network they can quickly exploit other machines within the network. Addressing vulnerabilities beforehand is critical in minimizing the attack surface of your infrastructure. We call this vulnerability assessment. You can't fix what you can't see, which is why IT admins and security personnel need to know about the threats and perform proactive vulnerabilities assessment in their network at all times.
The Runecast platform is constantly updated to detect the latest vulnerabilities for all of the supported technologies. All the information is found in the Vulnerabilities section. This section is dedicated to highlighting any applicable vulnerability for all your connected systems. A related widget, located on the main dashboard, provides a quick overview of your vulnerability exposure. An example is shown in the screenshot below.
When you jump to the Vulnerabilities section, you can filter by using multiple filtering options to find the exact product or CVE you are interested in, to see whether your environment is affected or not.
Additionally, Runecast offers you the option to filter CVEs according to whether or not they are found in the Known Exploited Vulnerabilities Catalog which is maintained by CISA. The KEV catalog was recently added to Runecast and is an incredibly useful tool. This means that all of the vulnerabilities that are known to have been exploited are highlighted in the Runecast appliance for easy prioritization.
There’s also the ability to export reports regarding your Vulnerabilities, so that you can share them with other teams. These reports can select specific CVEs, VMSAs, or even products, or create a Jira issue directly from the Runecast platform.
Vulnerabilities will always exist as long as software is developed, and it's just a matter of time before vulnerabilities manifest themselves into security issues. We have to accept the fact that vulnerabilities will always linger in the darkness and threaten our environments, but what we suggest here is a proactive approach to prevent bad things from happening. This is why you should choose Runecast. Runecast is built upon progress and development. We support your progress and development by offering you a proactive solution to prevent your weaknesses (vulnerabilities) from turning into issues.
Runecast’s vulnerability management and assessment covers Kubernetes, VMware vSphere, Horizon, NSX-T, and VMware Cloud Director (vCD), as well as Windows and Linux so you can check any discovered vulnerability across your entire infrastructure in one platform.