Not just for scanning known vulnerabilities

As you all probably know, vulnerability management is a process of finding the vulnerabilities in your system, code, network architecture in short on. Conducting it manually is possible, nevertheless requires thorough knowledge of the actual traffic, interfaces, attack vectors and protocols. It as well requires tedious planning and follow-up so that discovered vulnerabilities in the long run get fixed by deploying the latest patches, or kicking those unmaintained legacy boxes forgotten into the network, to where they belong.

To sum it up: vulnerability management is important, however never ignore the effect of unknown vulnerabilities. Do not rely only on known vulnerability databases and network scanners to secure systems, as that will leave all zero-day vulnerabilities with no existing patches open to exploit.

Ask any Windows administrator or security professional and you will find widespread support for locking down PCs by removing users' administrative privileges. Why at that time have so many IT organizations been unable to implement better controls in their desktop environments? The truth is that removing admin rights is only one part of an application control solution.Download this whitepaper from Bit9, the leader in advanced threat detection and prevention to learn the top 5 things you need to know about administrator rights and security.

ITworld Answers is a service that helps IT pros resolve innovation questions. Post a question, and let your peers in the ITworld community take a crack at solving it!