|
Since 1999, MITRE Corporation has been researching common vulnerabilities and exposures (CVEs), now funded by the U.S. Department of Homeland Security (DHS).
USCERT, also funded by the DHS has discovered that a majority of downtime, data theft, network breaches and IT compliance related issues are a direct result of an exploit against a known vulnerability (CVE) in a network asset.
If you’ve only purchased countermeasures such as traffic inspecting firewalls, intrusion detection and intrusion prevention systems, you may already be exploited by having backdoors or other malware in your trusted systems such as laptops, desktops and servers.
You might also have CVEs which are easily exploited in a way which does not ‘trip’ the alarm of your IDS/IPS or the blocking functionality of your firewall. The only way to more preemptively, proactively protect your network assets is by passive and active real-time asset inspection, alerting, blocking and remediation.
|
