Continuous Vulnerability Monitoring: The Case For A Managed Services Provider

Posted: August 17, 2017

One of the more valuable services offered by a managed services provider (MSP) is continuous vulnerability monitoring. It’s an ongoing security process that forms a major pillar of a complete security program.

Four important processes underpin continuous vulnerability monitoring: Discovery, Reporting, Prioritisation and Response. Each of these processes must work continuously and in unison to lower the risk profile of your online assets.

In this guide, we will detail these processes to demonstrate the value of continuous vulnerability monitoring in the hands of a managed services provider.

Discovery and Reporting

The Discovery phase sees your digital assets assessed and placed into low, medium and high risk categories. Typically, a software agent is released on your network to rapidly conduct an assessment and report on the state of your assets’ current vulnerabilities and patch compliance. Categorisation is also dependent upon factors such as configuration and exposure to Internet.

As vulnerability monitoring relies on concurrent processes taking place, the Discovery phase is important in that it builds a database of knowledge that the other three processes use. This database is constantly updated as your assets change.

When this database of knowledge is formed, reports that identify a number of different outcomes are produced; these reports are prioritised based on vulnerability and urgency in such a way that they assist other processes as they are taking place.

Prioritisation and Response

Prioritisation is the next stage of the risk mitigation process. When interpreting the report produced during the Discovery process, your managed service provider will sort vulnerabilities into a customised list that allows you or your provider to tackle them based on their urgency and business risk.

The Response stage refers to the way your organisation manages known threats that have been discovered. You can choose to completely rectify a threat, mitigate the risk by changing where in the network an at-risk asset is connected, or determine that a threat will not compromise network safety. Depending on the scope of the engagement your MSP can execute a remedy on your behalf or take direction from your in-house IT team.

Protection in a Constantly Changing Online Environment

By definition, continuous vulnerability monitoring is constant. New threats are discovered almost daily and added to the database of vulnerabilities. Depending on the size of your organisation and the risk profile of your assets daily, weekly or monthly vulnerability reviews may be necessary to keep up with the rate of change.

As your managed services provider, Computer One can provide continuous vulnerability monitoring to protect your organisation. Our Nexpose tool can focus on significant attack vectors and identify more than 60,000 minor through to urgent vulnerabilities.

If you are unsure about the need for a full-time monitoring service, the best place to start is with a once-off assessment. It will highlight current vulnerabilities and show you how necessary, or otherwise, continuous monitoring is, in the context of your network.

Get in touch with us to arrange a one-off inspection and report.