Is Your Vulnerability Management Scalable?

Is Your Vulnerability Management Scalable?

Few businesses remain stagnant. If your business is in the fortunate situation to be growing, your IT infrastructure has to grow to support it. Growth can bring new challenges to your vulnerability management program: more IT assets to include in the program (some of which, like mobile and remote devices might be challenging to include) and more potential vulnerabilities. This is where a scalable vulnerability management solution has significance. A program that can grow on its own as well as grow with other parts of the organization like patch, change and mobile device management is key.

As such, it’s crucial that you have a solid understanding of exactly how your vulnerability management solution works. Do you have a scanning tool that’s great for scanning a small, static network or a vulnerability management solution that supports a large diverse network? It’s equally important to understand what strategies your solution provider has in place to ensure that the solution will adequately grow with your organization – always helping you keep vulnerabilities at bay.

While this requires a little leg work on your part, conducting an assessment of a vendor and its offering is a proven approach to identifying strengths and weaknesses, and gaining a strong enough understanding to make educated decisions.

Here are some key questions we recommend asking your vulnerability management solution provider:

• How soon after a vulnerability is identified does the vendor’s research team come out with a way to find it?
• How does the vendor support new, emerging technologies like cloud and mobile?
• How does the solution support legacy systems?
• What performance metrics does the vendor have to validate the solution’s scalability for large systems?
• What options exist to scan different assets and networks in different ways?
• How does the vendor’s solution consolidate results?
• Does the vendor have a way to complete scans within a reasonable amount of time?

Bottom line: you need to feel comfortable that your chosen solution is providing you with the protection and visibility needed to properly protect the enterprise. Arming your organization with knowledge and a solid understanding of the solution you embrace is the best route.

Want to read more about this topic? Download Tenable’s e-book on 10 Steps to Effective Vulnerability Management to learn more about how a scalable and integrated vulnerability management program is a more effective vulnerability management program.