NCSAM, part 4: Build Better ‘Apptitude’ With These 4 Application Security Tips

October 26, 2016 Arctic Wolf Networks


For week three of NCSAM, we outlined some of the top methodologies for detecting and responding to cyberthreats. This week, in celebration of the theme “Our Continuously Connected Lives: What’s Your ‘Apptitude’?” we’ll walk you through some of the best ways that you can enhance your organization’s application security.

Without further ado, let’s dive in:

1. Vulnerability scanning

As cyberattackers become better at exploiting weaknesses in company networks, frequent vulnerability scans and overall security assessments will be pivotal to identifying application security deficiencies. According to TechTarget, these scanners usually function by cross-referencing databases that contain “known security holes in services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts.” From here, simulations will attempt to test these attack paths to get a strong sense of what’s at stake. While it’s true that you can’t necessarily preempt every cyberthreat, it’s important to continually assess your defensive security posture by seeking out flaws in your applications and network infrastructure.

2. Updating software

Whether you’re running third-party applications or proprietary software, the importance of security patching cannot be overstated. For proprietary solutions, new script vulnerabilities will need to be addressed quickly and efficiently. For vendor-bought solutions, new critical updates should be applied sooner rather than later. Earlier this year, for example, Microsoft added features to its Office suite of products that would help prevent malicious macros, which hide ransomware and other nasty threats, from executing. Delay these types of updates, and you risk leaving yourself open to attack.

What’s more, many security patches are delivered after a developer finds security flaws in the program’s code, not necessarily in response to a hack. The problem is that cybercriminals pay attention to these updates, because they can act as a tip-off for security holes. In short, the sooner and more frequently you patch your applications, the better.

3. Managing devices

One of the most significant threats to an organization is the downloading and installation of malicious applications that could put company data at risk. To prevent this, IT admins need to make sure they have a device management strategy in place. One of the best ways to achieve this is through the deployment of an application control tool that gives admins the ability to blacklist suspicious software, whitelist legitimate applications and vet new programs that employees may attempt to install on company machines. Likewise, mobile device management tools will be important for securing smartphones that are on the network.

4. Creating best-practice policies

Arguably the most important item on this list, and the piece of advice that is most central to closing security gaps in general, is to create best-practice policies that explicitly include application usage. These should outline security standards for applications that mandate secure communication backed up by encryption, password protection and limited access (within reason) to personally identifiable information and other sensitive data. These policies should also require that the most up-to-date software be used at all times. In the event of a zero-day exploit, or perhaps a breach of a third-party application vendor, IT and the lines of business need to have a strong plan of action in place to limit that app’s access to sensitive data and prevent its use.

You can’t necessarily prevent bad things from happening, but if you take the above steps, you can certainly improve your “apptitude.” 
