VULNERABILITY MANAGEMENT

As a basic principle, we take it as a fact that no IT system is 100% secure, so the elements of the IT infrastructure must be monitored constantly. For each element of the system, it is important to know the exact versions of hardware components, running operating systems, software, platform elements, etc., and to constantly cross-check them against newly published vulnerabilities in order to continuously maintain the system's level of protection.

Within the framework of our service, we use automated tools to detect and identify elements of the IT infrastructure and to automatically compare them with vulnerability databases. We can perform these tests without identification (that is, without authorization granted to the device), but to filter out false-positive results we recommend running a test with the appropriate authorization, which can also be used to run compliance and hardening checklists.

The result is evaluated, and the vulnerabilities are categorized by the 4iG SOC team based on relevance, severity and exposure.

Then we sort the vulnerabilities into four categories:

  • In case of a critical-risk, relevant and exploitable vulnerability, immediate intervention is recommended.
  • A high-risk, relevant and exploitable vulnerability warrants a fix as soon as possible.
  • For a medium-risk, relevant and exploitable vulnerability, we recommend a fix scheduled for the next update time window.
  • In case of a low-risk, relevant and exploitable vulnerability, we typically propose an avoidance measure and, if a patch is available, the operating team schedules the fix according to business criticality.

If no fix is available for the vulnerability, the SOC team may use another remediation procedure (for example, an extra firewall rule), which it performs in consultation with the client.