5 Gardening Tips to Improve your Vulnerability Management Program

August 29, 2013
| |
2 min read

Five gardening tips to improve your vulnerability management program

I’m always gardening and looking for great plant deals at local nurseries or practical gardening tips in magazines and newspapers that I can apply to my garden, especially during these dog days of summer.

Recently, as I was browsing the Saturday newspaper for ‘end of season discounts’ at local nurseries, I came across an article about ‘tidying up’ your garden as the end of the growing season approaches.

As I was reading the article, I was intrigued by the similarities of these gardening tips with some common sense security practices you can apply to your infrastructure.

Here’s a list of five gardening tips juxtaposed with my version of a ‘end of summer’ to-do list to tidy up you vulnerability management program. Judge for yourself:

Tip for your.. Garden Vulnerability Management Program
Visit your garden The best deterrent to minimizing garden problems is to catch them early.  By getting out to the garden as often as possible, you can stop problems from becoming bigger. Continuous log monitoring of critical applications, servers, infrastructure and network flows are the best deterrent to catch and fix problems early on before they become compromises and result in loss of data or resources.
Aggressively look for pests While mother nature has ways of dealing with pest challenges, look under leaves and remove by hand, its very effective to target specific pests without harming the beneficials. Malware can attack many different access points and can hide in many discreet locations that can be difficult to detect and remove. Intelligent vulnerability scanning tools use correlated event data from critical assets, network activity and behavioral changes to look for well hidden malware and help security teams prevent breaches by selectively removing vulnerabilities  with the appropriate remediation plans.
Remove diseased leaves and plants One of the most effective ways so of keeping plant diseases from spreading is to tackle existing problems. Cut pull or remove parts that look diseased. Malware attacks against infrastructure can be prevented with  endpoint management tools that have the ability to remotely  manage endpoints, hardening them against future attacks and uninstalling suspicious malware.
Refresh your mulch Over a short period, mulch can break down and become less effective, keep a 2 to 3 inch layer over the so it does wonders, from suppressing weed growth, keeping soil borne disease off foliage, to holding in moisture Over time, most security defenses require a refresh.  By subscribing to information threat feeds, you can add a beneficial layer of security to stay on top of the latest threats and update your security defenses with preemptive protection against a wide variety of Internet threats.  IPS virtual patching tools that get regular updates provide that protective layer of security to hold back unwanted malware and at the same time, safeguard your data from leaving your organization.
Cut your losses While some added attention now will re-invigorate plants, cut your losses and pull the ones beyond hope from your garden Older generation security tools aren’t effective at protecting your organization from advanced threats, and are difficult to maintain, requiring a significant investment in staff.  Don’t be afraid to cut your losses  and yank these obsolete tools from your environment.  Reinvigorate with a security intelligence platform to optimize your infrastructure and be more proactive with your security defenses.

Taking proactive steps during these dog days of summer will provide just the encouragement you and your plants need to finish strong. This holds true for tidying up your vulnerability management program to ensure the security defenses are in place to protect the fruits of your labor.

Tim Appleby
Security Strategist for Retail Industry, IBM Security

Tim Appleby is a member of the Strategy and Planning team in IBM's new Security division. In his role as a Security Strategist for Retail, he provides insigh...
read more