The Vulnerability Management Platform is part of the Application Security as a Service (AppSecaaS) program in PRIAMBA SOFT to manage the vulnerabilities identified through Vulnerability Assessments.
This project has two phases.
- The first phase is requirement elicitation, which includes the delivery of a detailed requirement description and a non-functional prototype of the GUI.
- The Second phase includes the product specification, process specification, and functional system.
1.1 Project Overview
A vulnerability is defined in the ISO 27002 standard as “A weakness of an asset or group of assets that can be exploited by one or more threats”. Vulnerability management is the process in which IT vulnerabilities are identified and their risks are evaluated. This evaluation leads to correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management of an organization (e.g. in case the impact of an attack would be low or the cost of correction does not outweigh possible damages to the organization).
Vulnerability scanning consists of using a computer program to identify vulnerabilities in networks, computer infrastructure or applications. Vulnerability management is the process surrounding vulnerability scanning, also taking into account other aspects such as risk acceptance, remediation, etc.
1.2. Need for Vulnerability Management
The increasing growth of cybercrime and the associated risks are forcing most organizations to focus more attention on information security.
A vulnerability management process should be part of an organization’s effort to control information security risks. This process will allow an organization to obtain a continuous overview of vulnerabilities in their IT environment and associated risks.
1.3. Vulnerability Scanners
As vulnerability management is the process surrounding vulnerability scanning, it is important to understand how it is performed and what tools are available. No matter which vulnerability scanning solution is selected, it’s important to properly configure and tune scans to limit the amount of false positives in the scan results
1.4. Necessity of the Tool
Today, the level of technical expertise required to operate a vulnerability scanning tool is low. The majority of vulnerability scanners can be controlled using a GUI allowing a user to launch vulnerability scans against an entire network with a few mouse clicks.
Several vendors provide a variety of technical solutions, with different deployment options. It’s recommended an organization thoroughly tests vulnerability scanning products before deciding which solution best meets the requirements of the organization. Attention should be paid to the fact that scanning a single box with multiple products using their default settings could produce very different results. It’s important to properly configure and tune the scans.
PRIAMBA SOFT is designing a tool to select the appropriate dashboard, different scan tools, configuration and reports based on the factors in which business operates with the specific domain.
1.5. Tool Description
The Vulnerability Management Platform (VMP) is a user-friendly tool developed to assist the complete Vulnerability management process within the organization by integrating with various vulnerability scanning tools. It is part of the PRIAMBA soft “Application Security as a Service (AppSecaaS)” program to manage the vulnerabilities identified through Vulnerability Assessments.
The principal users of this system are the Security Officer, Vulnerability Engineer, Asset Owner, IT System Engineer, and Application security Consultant.
The key functionalities of this system are:
- Asset Inventory
- Data Classification
- SAST tool Integration
- DAST tool Integration
- Software composition analysis
- Remediation/Risk Acceptance Workflow
- Vulnerability Dashboard
- Scan Schedule
Vulnerability management process is to detect and remediate vulnerabilities in a timely fashion. Vulnerability management Platform framework enables companies to:
Save time with automated data flows. The visual integration framework lets users automate the bidirectional flow and mapping of disparate data – quickly and easily – while maintaining the performance of existing vulnerability management workflows.
Connect popular tools with out-of-the-box integrations. The integration framework supports the most popular application scanners, network scanners, ticketing, remediation and governance tools, including Fortify, AppScan, Qualys, Jira, BurpSuite and more.
Get data from structured and unstructured sources. The integration framework can connect to enterprise data sources, such as corporate databases and Active Directory. In addition, it can ingest data from semi-structured and unstructured data sources, such as penetration testing reports.
Push data out to other systems. Users can send notifications when vulnerabilities reach a threshold and push vulnerability data to remediation ticketing systems and governance, and risk.