Effective strategies in provisioning resources and maintaining assets
There was a poll conducted by Automox in companies with between 500 and 25,000 employees, with over 500 IT and InfoSec professionals answering the questions (https://www.darkreading.com/vulnerabilities---threats/missing-patches-misconfiguration-top-technical-breach-causes/d/d-id/1337410). Automox found that over 80% had been breached over the past 2 years, and the following numbers show the vulnerability type that was exploited in those breaches:
- Missing operating system patches (30%)
- Missing application patches (28%)
- Operating system misconfiguration (27%)
The chain of events that occurs after a successful phishing attempt or credential harvest generally involves exploiting one of the preceding vulnerabilities. The brilliant thing is that we can prevent this with the provisioning of approved configurations and ensuring our assets are maintained, with both operating system and application...