Response
Once a Network Vulnerability Scan report is obtained, it is important to devise a mitigation plan to mitigate all the vulnerabilities highlighted as part of the report. The following are a few solutions that can be part of the Network Security Scan report:
- Close unwanted ports and disable unwanted services
- Use strong and uncommon passwords
- Always apply latest patches and updates
- Uninstall or update older versions of software
- Disable legacy and old protocols in use
- Use strong algorithms and authentication mechanism
The report needs to be compiled based on the findings, and tasks are to be assigned to the respective departments. For example, all the Windows-related vulnerabilities are to be mitigated by the respective team that is responsible for maintaining Windows machines. Once the responsibilities have been sorted across the teams, the teams are expected to perform an impact and feasibility analysis on the solution provided in the report. The teams have to check the solutions against the security objectives, confidentiality, integrity, and availability. These mitigations can be used as a baseline to create hardening documents, including any other available baselines in public or private domains.
Once the solutions have been implemented on the affected hosts, it is important for the team to include these recommended remediations into the existing policies in order to avoid misconfiguration in the future. These policies are to be updated from time to time in order to be in line with the current security standards.
Any organization or individual needs to comply and create a cycle of the following activities to achieve its information security objective:
- Vulnerability assessment
- Mitigation analysis
- Patch, update, and mitigate
A vulnerability assessment as mentioned previously will result in all the open gaps present in the network, after which mitigation analysis is required to understand the remediations that must be implemented and also to perform a feasibility check on whether it would have any impact on the continuity of the network components. Once all the remediations have been identified, implement the remediations and jump to step 1. This cycle, if performed quarterly, could ensure maximum protection to your network.
Note
Always make sure that the solutions have been implemented on a test environment for any effects on the continuity of the applications hosted on the networks; also look for any dependencies to ensure that the network functionality is not affected.