You are here: silicon.com > Resources > White Papers > IT Management > IT Infrastructure > Infrastructure Management

Improving Vulnerability Management with Penetration Testing

Overview Vulnerability management consists of a combination of technologies and processes that can be used to improve an organization's security posture and to support regulatory compliance initiatives. Security managers commonly use vulnerability assessments to determine the security state of their IT systems. However, changing processes and technologies present a challenge to vulnerability assessment tools, as they can go only so far in detecting potential attack paths. In addition, changes in technology and business processes are reducing vulnerability assessment effectiveness even further.

According to Gartner*, deeper penetration testing is now needed to augment existing vulnerability management processes, especially in light of the rising level of targeted attacks.

During this on-demand Webcast, you'll hear from:

John Pescatore, from featured analyst firm Gartner, who discusses the overall state of security, including recent attack trends
Alan Paller of the SANS Institute, who provides insights on how penetration testing can be used to mitigate the impact of these trends

Alan Paller also interviews A. Eben Berry, Director of Network and Security Infrastructure from BlueCross BlueShield of Massachusetts, about why repeatable testing of security defenses is a high priority for his organization.

*Penetration Testing Augments Vulnerability Management to Deal with Changing Threats; John Pescatore, Amrit Williams, Mark Nicolette, Paul Proctor and Kelly Cavanaugh; January, 2006.

Further White Paper Details
Publisher	Core Security
Live Date	20th September 2006 00:00 BST
Format	Webcast
Topics	Infrastructure Management, Knowledge and Data Management, Anti-Hacking, Firewalls, Network Security, Security Standards, Security Management, Data Recovery - Security, Intrusion Detection Systems, Best Practices

Did you find this white paper useful? 4 out of 5 users found this white paper useful

IDC reports on Novell's Secure Desktop Solution: A Modern-Day Marriage of Business Benefit and Risk Reduction

Publisher:
Novell

Green IT: Reducing your Carbon Footprint with Citrix

Publisher:
Citrix Systems

Ovum Report: IBM Simplfies Service Management to facilitate business and IT

Publisher:
IBM

Protecting virtual macchines: the "best of Vmworld" approach

Publisher:
Citrix Systems

Security Beyond Corporate Boundaries: Using Citrix Application Delivery to Protect Corporate Information Anywhere Business Happens

Publisher:
Citrix Systems

London firms warned of Serbian cyberattack

He said he has privately contacted the specific companies he believes are at risk from Serb-sponsored forces.mi2g's information comes from a network of anonymous software engineers, who do penetration testing on the its behalf.

Channel:
Law & Policy

Mitnick on Mitnick: Why I'm going legit

We will do penetration testing to look at the network from outside and the inside to look for weakness in both technology and operations. We will also have a vulnerability assessment side of the business, looking at weaknesses in technology as well...

Channel:
Security Strategy

Sasser worm infects a million computer systems

The Sasser programs take advantage of a vulnerability in unpatched versions of Windows XP and Windows 2000 systems. The worms infect vulnerable systems by establishing a remote connection to the targeted computer, installing a File Transfer...

Channel:
Security Strategy

Worm outbreak feared after port scanning spike

A rise in activity on TCP Port 445 could be a sign that hackers are trying to exploit a flaw in Server Message Block, Gartner analyst John Pescatore said on Thursday. Increased scanning does not always mean an attack will happen but it greatly...

Channel:
Malware
Tags:
port scan,
worm,
scanning

Be secure: 'Plan, don't patch', says AV pioneer

Predicting the weather is not a perfect science but it can help a lot," said Tippett, who advises companies to spend more time assessing risk and the probability of attack rather than waiting for the window of vulnerability to open and then...

World Bank hit by cyber intrusion epidemic?

Cluley said: "Ideally, if you're a large organisation or financial organisation, then you would have a team of penetration testers testing your system to the limit looking for those weaknesses, looking for those holes.

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Improving Vulnerability Management with Penetration Testing

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific