By Dan Wolff, Director of BigFix Product Management and Product Marketing.

We have a problem, folks. Nearly one-third of all detected enterprise vulnerabilities remain open after a year, and one quarter are never remediated [1]. This leaves corporate networks exposed to malicious attack from outside or even insider threats.

The vulnerability remediation gap is a universal challenge.

Why is this happening? Why can’t enterprises effectively address this problem? A few reasons come to mind:  

  • The sheer volume of reported vulnerabilities: Larger organizations can have tens of thousands of active vulnerabilities at any one time. It’s a mountain that is hard to climb.
  • Lack of prioritization schemes: A common way to address the problem is to determine which vulnerabilities are most urgent, and deal with those first. This is easier said than done with limited options available for effective prioritization.
  • Patching can break and disrupt systems: Imagine telling the owners of business critical services that their servers must be taken down to patch. Or that end users need to reboot their systems. Remediation can be disruptive.
  • IT operations (patching) is usually a different team: Security teams using vulnerability scanners usually operate separately from IT Operations, speak a different language and have different goals.
  • Finding the right patch for the right SW on the right endpoint is HARD: The correlation required to align software, OS, location, etc. is not easy and is error prone. 
  • …as well as resource constraints: There are never enough people to carry out business requirements. Period. 

The vulnerability remediation gap can cause catastrophe.

In the summer of 2017, the security team at a top 3 credit rating corporation detected that several unpatched and misconfigured servers had the known Apache Struts vulnerability, which had a live exploit deployed in the wild. Due to lack of prioritized remediation, there was a two-month gap in applying the patch, resulting in the exposure of 143M customer records (40% of all US citizens). As a result, the entire C-Suite was fired, and the company faced $1.4B in cleanup costs plus $1.3B set aside to resolve consumer claims.

Why is this so hard? 

Typically, a skilled IT Operations or Security specialist will spend at least 2-3 minutes researching the right remediation for each vulnerability. With potentially hundreds or thousands of vulnerabilities, it can be a full-time job.

What does this mean in real terms? An organization with 1,000 running vulnerabilities will spend up to 50 person-hours per scan cycle researching and correlating available fixes to the correct assets.  

On April 6th, HCL BigFix announced Insights for Vulnerability Remediation

The BigFix Insights for Vulnerability Remediation application is included in the BigFix Lifecycle and BigFix Compliance suites. This new technology integrates with and others to crush the vulnerability remediation gap, align security and operations teams and dramatically reduce the corporate attack surface faster than ever before. 

BigFix Insights for Vulnerability Remediation leverages Tenable’s Vulnerability Priority Rating (VPR) which combines Tenable-collected vulnerability data with third-party vulnerability and threat data and uses proprietary data science algorithms to focus customers on the top 3% of vulnerabilities that are most likely to be exploited in the near future.

BigFix Insights for Vulnerability Remediation automates the vulnerability remediation process with no fewer than four correlation engines which: 

  1. Correlate endpoint ID with the Tenable endpoint ID 
  2. Correlate the found vulnerability to a Fixlet  
  3. Identify and assign the superseded (latest) remediation 
  4. Correlate the BigFix endpoint to the latest Fixlet 
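
The four correlation steps listed above can be sketched as a small pipeline. This is an added example, not BigFix or Tenable code: the record layouts, hostnames, endpoint IDs, fix IDs, priority scores and placeholder vulnerability IDs are all constructed for illustration.

```python
# Constructed sample data; layouts are assumptions, not BigFix or Tenable schemas.
SCANNER_ASSETS = {"t-01": "WEB01.corp.example", "t-02": "db01.corp.example",
                  "t-03": "lab99.corp.example"}  # scanner asset id -> hostname
MANAGED_ENDPOINTS = {"web01.corp.example": {"id": 501, "os": "rhel8"},
                     "db01.corp.example": {"id": 502, "os": "win2019"}}
FINDINGS = [  # (scanner asset id, placeholder vulnerability id, priority score)
    ("t-01", "CVE-EXAMPLE-0001", 9.8), ("t-01", "CVE-EXAMPLE-0003", 4.0),
    ("t-01", "CVE-EXAMPLE-0002", 6.1), ("t-02", "CVE-EXAMPLE-0002", 6.1),
    ("t-02", "CVE-EXAMPLE-0001", 9.8), ("t-03", "CVE-EXAMPLE-0001", 9.8),
]
FIX_FOR_VULN = {  # vulnerability -> {os: fix that first addressed it}
    "CVE-EXAMPLE-0001": {"rhel8": "fix-100", "win2019": "fix-200"},
    "CVE-EXAMPLE-0002": {"win2019": "fix-210"},
    "CVE-EXAMPLE-0003": {"rhel8": "fix-101"},
}
SUPERSEDED_BY = {"fix-100": "fix-101", "fix-101": "fix-102", "fix-200": "fix-201"}

def latest_fix(fix_id):
    """Step 3: follow the supersedence chain to its end, refusing loops."""
    seen = set()
    while fix_id in SUPERSEDED_BY:
        if fix_id in seen:
            raise ValueError(f"supersedence loop at {fix_id}")
        seen.add(fix_id)
        fix_id = SUPERSEDED_BY[fix_id]
    return fix_id

def build_plan(findings):
    """Return ({endpoint id: [fixes to deploy]}, [findings needing manual review])."""
    plan, unmatched = {}, []
    for asset_id, vuln, _score in sorted(findings, key=lambda f: -f[2]):
        # Step 1: join scanner asset to managed endpoint on normalised hostname.
        endpoint = MANAGED_ENDPOINTS.get(SCANNER_ASSETS.get(asset_id, "").lower())
        if endpoint is None:
            unmatched.append((asset_id, vuln, "no managed endpoint"))
            continue
        # Step 2: map the vulnerability to a fix for this endpoint's OS.
        fix = FIX_FOR_VULN.get(vuln, {}).get(endpoint["os"])
        if fix is None:
            unmatched.append((asset_id, vuln, "no known fix"))
            continue
        # Step 4: assign the latest fix to the endpoint, once per endpoint.
        fixes = plan.setdefault(endpoint["id"], [])
        if latest_fix(fix) not in fixes:
            fixes.append(latest_fix(fix))
    return plan, unmatched

if __name__ == "__main__":
    print(build_plan(FINDINGS))
```

Two findings on the same host collapse into a single deployment when their fixes share a superseding update, and findings that cannot be joined to a managed endpoint or a fix are surfaced for review rather than silently dropped.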

With BigFix Insights for Vulnerability Remediation, the organization with 1,000 vulnerabilities can remediate in less than two hours by automating manual processes and reducing errors and associated rework. Now, this IT organization is able to quickly implement fixes and effectively prove compliance to auditors and executive stakeholders. With BigFix Insights for Vulnerability Remediation, IT Security and IT Operation teams are able to collaborate effectively to quickly remediate vulnerabilities discovered by Tenable, providing significant operational and organizational value to the CIO and CISO. That value is realized through:

  • Aligning Security and Operations teams with intelligent automation.
  • Compressing security vulnerability remediation times by an order of magnitude.
  • Reducing enterprise security risk.

And all of this with no additional agent and no performance impact. Better yet, BigFix covers your entire environment with over 12 operating systems and nearly 90 variations.

A final word

Legacy vulnerability management processes are no match for today’s complex IT landscape – which includes cloud, mobile, web, IoT and OT assets. They fail to deliver what is most important: fixing gaps as quickly as you find them. It is time to change the conversation. 

BigFix is here to help! 


[1] Persistent Vulnerabilities, Their Causes and the Path Forward, Tenable Research, June 2020.
