Consider the following scenario: a security scan of a network produces no significant security findings. An upgrade occurs in which certain network devices are replaced with more secure make/model/versions. A followup scan is performed and reports no significant security findings. Clearly the network IS more secure as the result of the upgrade, but it is transparent to security configuration scans and testing. Clearly, more insight is required into the actual network security posture. Our work focuses on broadening that perspective.
Attend this session and learn how traditional approaches to network security rely on testing exposed devices and their current configuration (i.e. the “security configuration”) to assess security posture. Security configuration is tested via network vulnerability scanning and/or penetration testing that detects and reports vulnerabilities.
Testing produces a set of findings, prioritized by risk (e.g. CVSS), against which is difficult to measure and track remediation progress. Furthermore, the traditional approach yields no insight into the breadth and depth of the security controls supported by the network devices, referred to as “security capacity”.