Vulnerability management seeks to lower risk by identifying and dealing with any possible lines of incursion into a network by cybercriminals.
The field of vulnerability management includes automated scans, configuration management, regular penetration testing, patching, keeping track of various metrics, and reporting. The category has been evolving rapidly within cybersecurity, and here are some of the top trends in the vulnerability management market:
1. More Than Scans
Vulnerability management is all about identifying, prioritizing, and remediating vulnerabilities in software.
As such, it encompasses far more than the running of vulnerability scans repeatedly to look for known weaknesses lurking within the infrastructure. Traditionally, vulnerability management also includes patch management and IT asset management. It addresses misconfiguration or code issues that could allow an attacker to exploit an environment as well as flaws or holes in device firmware, operating systems, and applications running on a wide range of devices.
“These vulnerabilities can be found in various parts of a system, from low-level device firmware to the operating system all the way through to software applications running on the device,” said Jeremy Linden, senior director of product management, Asimily.
2. Vulnerability Management Broadens
Some analysts and vendors stick strictly to the NIST definition when they’re talking about vulnerability management. Others include security information and event management (SIEM) with vulnerability management as part of larger suites. And a few combine it with threat intelligence, which prioritizes actions and helps IT to know what to do and in what order.
Gartner recently coined the term attack surface management (ASM). The analyst firm defines ASM as the “combination of people, processes, technologies, and services deployed to continuously discover, inventory, and manage an organization’s assets.”
ASM tools are said to go beyond vulnerability management. The aim is to improve asset visibility, understand potential attack paths, provide audit compliance reporting, and offer actionable intelligence and metrics.
3. Vulnerability Management as a Service
The as-a-service trend has invaded so many areas of IT that it’s no wonder vulnerability management as a service has emerged.
“With more than 20K vulnerabilities found and published in a single year, vulnerability management has become an enormous task,” said Michael Tremante, product manager, Cloudflare.
“This is made worse for large enterprises who also have the challenge of not necessarily knowing the full set of software components being used internally by the organization, potentially putting the company at risk. A big trend is adoption of managed services/SaaS environments, as they are externally managed, and offloading of vulnerability management to third parties.”
Thus, a growing set of products is hitting the market to help companies tackle vulnerability management via managed services of one kind or another.
4. Container Vulnerabilities
The container security market is growing steadily. It is expected to be worth more than $2.5 billion by 2025, according to analyst firm KuppingerCole.
Containers and Kubernetes have become largely synonymous with modern DevOps methodologies, continuous delivery, deployment automation, and managing cloud-native applications and services.
However, the need to secure containerized applications at every layer of the underlying infrastructure — from bare-metal hardware to the network to the control plane of the orchestration platform itself — and at every stage of the development life cycle — from coding and testing to deployment and operations — means that container security must cover the whole spectrum of cybersecurity and then some, said KuppingerCole.
Vulnerability management platforms are gradually adopting features aimed squarely at containerized environments. Several vendors have announced new container vulnerability scanning and vulnerability management features. Expect these to become a barrier to entry in the near future.
5. Autonomous Endpoint Approach
Due to the way the threat landscape is evolving, the way vulnerability management platforms are shifting, and the fast pace of innovation as evidenced by containerization, digitalization, and the cloud, a new approach is needed, according to Ashley Leonard, CEO, Syxsense.
“Businesses possess incredibly powerful processors inside storage equipment, servers, and desktops, which are underutilized in many cases,” Leonard said.
“Many of the tasks managed today by the cloud could be better performed at the endpoint — and we will begin to see some functions decentralized onto endpoints to take advantage of this untapped compute potential.”
For example, Syxsense has been incorporating more features into its vulnerability management tools. This includes more orchestration and automation capabilities, stronger endpoint capabilities, and mobile device management. These augment existing patch management, vulnerability scanning, remediation, and IT management capabilities.