Myths of vulnerability management

Software vulnerabilities are among the most popular targets of cybercriminals because they are known in large numbers and many companies are overwhelmed with patching. It often takes days, weeks or even months for companies to apply the available updates - yet vulnerability management could help them to drastically shorten this time span and thus significantly reduce their risk. However, they often have some misconceptions about what vulnerability management can do and how it affects the IT infrastructure.

Four myths

Adaptiva, a global leader in endpoint management and security solutions, identifies four myths that need to be dispelled:

1. If you patch regularly, you don't need vulnerability management: With the growing number of endpoints in companies, the management effort also increases. Keeping an eye on all applications on all devices and always being up to date on new vulnerabilities, continuously checking the availability of updates and quickly applying them after release is an impossibility for IT managers without software support. Vulnerability management ensures that no system is overlooked and automatically distributes the available patches and fixes.
2. Vulnerability management is expensive and a burden on the infrastructure: Although costs are incurred for the acquisition and introduction of vulnerability management, the solutions actually relieve the IT budget in the long term. Automated endpoint checks, preconfigured vulnerability responses, and automatic patch distribution relieve employees of many manual tasks, freeing them up for other IT projects. Solutions with P2P architecture also do not require a complex server infrastructure, as they use unused client resources, and place less of a burden on the network than centralized tools. This offers enormous savings potential, especially in environments with a large number of endpoints.
3.  Vulnerability management is difficult to implement on remote workstations: Even if endpoints are located outside the corporate infrastructure, modern vulnerability management keeps them at the current patch level. IT managers can schedule scans in advance so that they run automatically at predefined times and do not have to be triggered by a server. Since an agent on the device does the scanning, the results are usually even better than remote scans that only have an outside view of the system. Moreover, in solutions with P2P architecture, it is sufficient if only one client in a remote office has a connection to the central office - the other clients receive new vulnerability scans and patches from it.
4. A vulnerability test is a test you can pass: A vulnerability scan provides only a snapshot. If the user or administrator installs new applications, the system is potentially vulnerable again - as well as if new vulnerabilities are discovered for already installed applications. IT managers must therefore view vulnerability management as a process that requires not only regular vulnerability scans, but also continuous improvements to testing routines and responses.

patching relief

"Modern vulnerability management can analyze tens of thousands of endpoints within a few minutes," explains Torsten Wiedemeyer, Regional Sales Director DACH at Adaptiva. "It thus makes a decisive contribution to minimizing risk in companies and can significantly relieve IT teams of routine tasks such as patching security vulnerabilities through many automatisms." Adaptiva's solutions, including OneSite and Evolve VM, enable organizations to easily, quickly and cost-effectively manage and secure endpoints using powerful peer-to-peer technology.