Analysis: Perimeter exploit exposure

Powered by SC Magazine
 

Vulnerability and patch management is key.

What is it?

Perimeter Exploit Exposure occurs when organisations aren't properly filtering enterprise network services at the network egress points. This allows attackers to remotely exploit services that should not be exposed. Although basic security practice, it is easy to forget what's exposed on an internet perimeter.

How does it work?

An attacker can easily use network mapping and vulnerability scanners to discover exposed services available at the perimeter.

Should I be worried?

Yes. We tend to lose focus when a new attack vector is introduced and forget to consider basic principles. However, it is covering the basics that can lower an attack surface.

How can I prevent it?

Vulnerability and patch management is the cornerstone. Organisations can restrict services available at the perimeter, while scanning for exposures and, when necessary, securing and patching those services. Open ports should also be removed when they are no longer needed.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Analysis: Perimeter exploit exposure
 
 
 
Top Stories
Myer CIO named retailer's new chief executive
Richard Umbers to lead data-driven retail strategy.
 
Empty terminals and mountains of data
Qantas CIO Luc Hennekens says no-one is safe from digital disruption.
 
BoQ takes $10m hit on Salesforce CRM
Regulatory hurdles end cloud pilot.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  35%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 4104

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 1399

Vote