Patch management involves updating systems, applications and products to eliminate security vulnerabilities. With vulnerability management, other systems can be focused specifically on hotspots. This therefore also applies, for example, to industrial components, robots or production facilities.Ī combination of both vulnerability management and firewall & co. If a Greenbone solution is in the network, every component that can be reached via an IP connection can also be checked for vulnerabilities, regardless of which device it is. Traffic that does not pass through the security system is not analyzed. In addition, firewalls, IDS or IPS systems also only detect vulnerabilities if the system allows it at all, and then only on the data traffic that passes through the respective security system. High-quality firewall systems may detect vulnerabilities, but unlike vulnerability management, they do not offer a solution approach for a detected vulnerability. The goal is to close vulnerabilities that could be exploited by potential attackers so that an attack does not even occur. In contrast, vulnerability management looks at the IT infrastructure from the outside in – similar to the perspective of attackers. Firewalls or similar systems therefore often only intervene once the attack has already happened. The goal is to ward off attacks that are actually taking place. Absolutely, because the systems mentioned focus on attack patterns – looking from the inside out.
0 Comments
Leave a Reply. |