Community Wisdom #1: Preparing for Zero Day Vulnerabilities
Insights from security professionals on the top questions asked by our readership
Hello! Welcome to the first community wisdom post.
In this segment, we gather our community’s questions and ask our most experienced readers to offer up their pearls of wisdom. Our aim is to help our community grow, share ideas, and assist everyone in stepping up their cybersec game. When we come together as a community, we can stop the adversary in their tracks.
Q: Can you really prepare for zero-day vulnerabilities?
I think so, by having in place an Information Security Management System (ISMS) in which the organization’s information assets have been reliably identified and the relevant security controls for such incidents have been implemented.
Remember that, at all times, we must address the mitigation of vulnerabilities of this type of incident.
– Antonio, Operations Manager
It’s very hard to to prevent for zero day vulnerabilities but preparing to reduce the attack surface might lead you readiness to zero-day vulnerabilities. If is not discover, does not mean it is not vulnerable.
However, we can use threat hunting to proactively improve security defenses.
– Maher, First Responder in an MSS
Yes, you prepare for anything by knowing everything. If you know what components are required by your architecture, and if your architecture is properly designed, you can turn off minimal functions while waiting for the permanent fix.
– John, CTO
I don’t think you really can but that’s one of the things I look to the newsletters for! I keep things as patched as I can and work to keep unused ports inaccessible but what do you do if a software flaw uses a commonly used port? I think you can only try and minimize what risks you can and monitor news of patches. I try to keep our products as patched as possible.
– Meir, Network Administrator
Q: How can system administrators reduce the risk of an attack? What is the best way for them to support the cybersecurity team?
Keep reading with a 7-day free trial
Subscribe to Packt SecPro to keep reading this post and get 7 days of free access to the full post archives.