Computer scientists estimate that about 5 to 20 bugs are present in every thousand lines of software code, so it’s no surprise to see regular announcements of new vulnerabilities with related patches and workarounds. Your risk of vulnerabilities grows with use of General Public License software, particularly because implementers plug in untested modules of object-oriented programming code. When the quality of code is marginal, bad, or just plain wrong, experts call it ‘non-robust’. Modules of code placed in the public domain may include non-robust implementations of Internet protocol standards, making them easy targets for attack when used in a real-world network.
Vulnerabilities must be identified and eliminated on a regular basis because new vulnerabilities are discovered every day. For example, Microsoft releases advisories and patches on the second Tuesday of each month – commonly called ‘Patch Tuesday’.
Careless programmers aren’t the only source of vulnerabilities. For example, improperly configuring security applications such as a firewall may allow attackers to slip through ports that should be closed. People using mobile devices may use an unauthorized or even a malware-infested website without going through the corporate virtual private network (VPN), perhaps because the official VPN is a bother when people want to surf MySpace, eBay, or the local online personal ads.
Letting your security guard down like this exposes devices and the network to attacks. You can even trigger an attack just by clicking on an email attachment infected with malware. The exploitation of vulnerabilities via the Internet is a huge problem requiring immediate proactive control and management. That’s why companies need to use vulnerability management (VM) – to detect and eliminate vulnerabilities in order to reduce overall security risk and prevent exposure.