Privileged Access Management
Inside Recast Software: A Vulnerability Management Conversation
Topics: Privileged Access Management
Vulnerability management has become an essential part of any company’s cybersecurity strategy. As the 2022 breach at LastPass demonstrates, even data security companies can fall victim to cyberattacks. This breach at LastPass sparked an internal discussion at Recast Software around vulnerability management, which is partially shared within this post. Recast Software takes a proactive approach to managing vulnerabilities both to protect our own company and to help our customers harden their IT environments.
Third-Party Vulnerabilities
The LastPass breach highlights the dangers of third-party vulnerabilities. As Tuukka Tiainen of Recast Software recently noted in an internal discussion, these vulnerabilities can be just as dangerous as operating system vulnerabilities. Hackers often target third-party applications because they may not be as well-protected as operating systems, making them a potential entry point for an attack.
Recast Software has a robust internal strategy for managing third-party vulnerabilities. We use our own product Application Manager to deploy newly fixed software versions to our Microsoft environment in just 1 to 2 working days.
Additionally, our IT team actively reaches out to employees to remediate any vulnerabilities that may be present on their specific endpoints, particularly those with more obscure software in use. By managing third-party vulnerabilities quickly and efficiently, we minimize our risk of a cyberattack.
Zero-Day Vulnerabilities
Managing vulnerabilities is not just about patching. We also take a proactive approach to zero-day vulnerabilities. A zero-day vulnerability is a software vulnerability that is unknown to the software vendor and can be exploited by hackers before a patch is available. These vulnerabilities can be particularly dangerous as there is no patch available yet to protect against them.
To help protect against zero-day vulnerabilities, we use our product Privilege Manager to remove permanent local administrator privileges. This is the single most effective security control for protecting against critical and zero-day vulnerabilities in the Windows operating system. By removing permanent local administrator privileges, we can effectively prevent hackers from exploiting zero-day vulnerabilities on our endpoints. Additionally, when the day comes that a hacker does gain access to a credential, the attacker will be confined due to a lack of admin rights which limits lateral movement.
Vulnerability Management: Company-Wide Vigilance
Of course, managing vulnerabilities is not just about technology. It also requires a culture of vigilance and collaboration. As Head of Engineering Ann Kernan-Roll recently shared with all Recast employees, it is important for everyone to stay vigilant and collaborate with the IT team to verify the legitimacy of any requests for information. Hackers often use social engineering tactics to trick employees into giving up sensitive information, so it’s important to be on the lookout for these kinds of attacks.
At Recast Software, we encourage our employees to report any suspicious activity to our IT team. We also provide training to help employees recognize and avoid common cyber threats. By working together and staying vigilant, we can help protect our company from cyberattacks. We encourage our customers to do the same.
Incident Response Plan
In addition to managing vulnerabilities, it’s also important to have a plan in place in case a cyberattack does occur. At Recast Software, we have a comprehensive incident response plan that outlines the steps we will take in the event of an attack. This plan includes steps such as the initial response and classification of the attack, the identification of the root cause of the attack, and the implementation of additional security measures to prevent future attacks.
Conclusion
Vulnerability management is a critical part of any company’s cybersecurity strategy. The stream of significant breaches, including the recent breach at LastPass, demonstrates the importance of managing vulnerabilities quickly and efficiently. Recast Software takes a proactive approach to managing vulnerabilities, including third-party vulnerabilities and zero-day vulnerabilities. We also encourage a culture of vigilance and collaboration to help prevent cyberattacks and to respond effectively if one does occur. By working together and staying vigilant, we can help protect ourselves and our customers from cyber threats.