Vulnerabilities: A Race of You Vs Them
Imagine the steady stream of cyber attacks that most companies face today. These vary in type and sophistication, but they arrive more or less regularly. And, they get more sophisticated each year. Data shows that adversaries weaponize vulnerabilities within seven days once they’ve been disclosed — typically, that’s roughly 15 times faster than organizations are acting.
Now imagine that instead of bracing your organization for cyber attacks, you can sidestep most of them by proactively managing your vulnerabilities. By adopting an accelerated response time to critical and zero-day vulnerabilities, you can reduce your company’s exposure, and every part of your security system gets better. Now more than ever, organizations need to consider how they can increase the velocity and agility of their IT and SecOps operations to strengthen their cyber defense.
Introducing the 24/72 Endpoint Hardening Threshold
Let’s say it again: Data shows that adversaries weaponize vulnerabilities within seven days once they’ve been disclosed. Typically, organizations are taking up to 102 days to patch their systems after that happens. In fact, you can grow corn from seed to harvest faster than most organizations are deploying a single patch. To state the obvious: This isn’t fast enough.
To achieve a sustainable security posture, speed is essential to a proactive stance. Bottom line: Zero-day vulnerabilities need to be patched within 24 hours and all other critical vulnerabilities within 72 hours – what we refer to as the 24/72 endpoint hardening threshold. Outside this threshold, hardening increasingly becomes a reactive exercise with little to no pre-incursion value.
The 24/72 endpoint hardening threshold is the new norm for establishing a true, all-encompassing endpoint hardening practice. In fact, with Automox some of our largest customers are optimizing the automation capabilities of our patch management feature to remediate critical vulnerabilities well within the 24/72 threshold. In other words, these customers remediate vulnerabilities over 30 times faster than the industry average.
Reducing Your Corporate Attack Surface with Proactive Endpoint Hardening
We talk a lot about how cyber hygiene, with an emphasis on endpoint hardening, can help a corporation reduce their exploitable attack surface — effectively helping them to become a smaller, faster target. What does that mean? It means that you don’t have to invest in so much cumbersome armor, which lightens your security load.
To think of this in different terms, it might help to ask, “What are the factors that make us a bigger target?” Here are some notable ones:
- Growing device footprints
- Remote and/or mobile workforces
- Various operating systems
- Various device types
By looking to the fundamentals of good cyber hygiene and realizing the speed you need to proactively respond to current threats, organizations can side-step up to 80-90 percent of cyber threats. And best yet, the Center for Internet Security (CIS) has provided an authoritative set of controls to help organizations evaluate and plan their cyber hygiene. These principles are practical and actionable, and they’re relevant to almost any organization’s IT ecosystem.
The CIS cyber hygiene controls give us a clear set of guidelines, though the specific tools for putting these concepts into place are up to companies to source.
The Benefits of Automox: Automated, Cloud-Native Technology
Automox provides automated, cloud-native patch management and endpoint hardening that enables organizations to reduce their exploitable attack surface and proactively eliminate the vulnerabilities that adversaries target most.
Delivered as a modern cloud service with cross-platform support, Automox provides foundational system hardening by automating the enforcement of critical patches, software updates, security configurations, and custom scripting across diverse endpoint environments. Additionally, it provides a common view of all corporate devices - whether on-premises, in the cloud, or on the move.
Automox enables both IT and SecOps teams to better anticipate and respond to threats by dramatically reducing the time and effort it takes to harden their endpoints. In fact, to say it again: Automox customers are remediating vulnerabilities over 30 times faster than the industry average.
Here’s a quick glance of what Automox offers:
- A single solution for all your Windows, OSX, and Linux endpoints — whether they’re on-prem, in the cloud, or on the move.
- Eliminates legacy infrastructure and VPN hassles while operating from a single, cloud-native console.
- Based on an open, extensible automation architecture that allows IT operations to create any custom task they can imagine.
- Uses worklets — reusable units that can be shared with peers and applied across Windows, Linux, and OSX devices — to define and carry out key repeatable tasks.
- Policy-driven automation allows for autonomously securing endpoints without hands-on maintenance.
You can always learn more at www.automox.com.
Get Your Free Guide to Better Protect Your Corporate Endpoints
See where your organization stands when it comes to its ability to avert cyber attacks. Download our free guide to assess your company’s cyber hygiene practices specific to endpoint hardening. We offer actionable guidance to help you reduce your corporate exposure and improve your ability to combat today’s cyber threats.
