2018 Press Releases

July 25, 2018

BeyondTrust Thought Leaders Release Book Focused on Asset Attack Vectors and Building Effective Vulnerability Management Strategies

BeyondTrust announced the availability of a new book, Asset Attack Vectors:  Building Effective Vulnerability Management Strategies to Protect Organizations. The book, authored by BeyondTrust’s Chief Technology Officer, Morey J. Haber, and Chief Operating Officer, Brad Hibbert, and published by Apress, is focused on how to build an effective vulnerability management strategy to protect an organization’s assets, applications, and data.

As published in BeyondTrust’s recent survey, next-generation, transformative technologies such as AI/Machine Learning and IoT, and business processes like DevOps are improving operational efficiencies and cost savings, however, 78 percent of users cite security concerns and acknowledge the vulnerabilities these technologies introduce to their networks.  In fact, one in five respondents experienced five or more breaches related to next-generation technologies.

This book details how today’s network environments are dynamic, requiring multiple defenses to mitigate vulnerabilities and exploits and stop data breaches. In the modern enterprise, everything connected to the network, cloud, and mobile device is a target as the perimeter expands beyond the traditional data center.

“Today’s attack surfaces are rapidly expanding to include, not only traditional servers and desktops, but also routers, printers, cameras, and other IoT devices,” said Morey J. Haber, Chief Technology Officer at BeyondTrust. “It doesn’t matter whether an organization uses LAN, WAN, cloud, wireless, or even a modern PAN―savvy criminals have more potential entry points than ever before. To stay ahead of these threats, IT and security leaders must be aware of exposures and understand their potential impact.”

The book is structured to provide guidance to help organizations build a vulnerability management program fit to meet the challenges of the modern threat environment. Drawing on years of combined experience, the authors detail the latest techniques for threat analysis, risk measurement, and regulatory reporting. Also outlined are practical service level agreements (SLAs) for vulnerability management and patch management.

The book contains guidance for readers to:
    - Create comprehensive assessment and risk identification policies and procedures
    - Implement a complete vulnerability management workflow in nine easy steps
    - Understand the implications of active, dormant, and carrier vulnerability states 
    - Develop, deploy, and maintain custom and commercial vulnerability management programs 
    - Discover the best strategies for vulnerability remediation, mitigation, and removal 
    - Automate credentialed scans that leverage least-privilege access principles

Readers will also gain insights from real-world case studies that share successful vulnerability management strategies and reveal potential pitfalls.

“Vulnerability management needs to be more than a compliance check box—it should be a foundation of an organization’s cybersecurity strategy,” said Brad Hibbert, Chief Operating Officer at BeyondTrust.  “Our hope is the book helps readers get ahead of threats and protect their organizations with an effective asset protection strategy.”