WIZ, Inc. v. Orca Security LTD.

Pg. 1

Vulnerability scanners are able to identify a variety of systems running on a network, such as laptops and desktops, virtual and physical servers, databases, firewalls, switches, printers, etc. Identified systems are probed for different attributes: operating system, open ports, installed software, user accounts, file system structure, system configurations, and more. This information is then used to associate known vulnerabilities with the scanned systems. To perform this association, vulnerability scanners use a vulnerability database that contains a list of publicly known vulnerabilities.

Properly configuring vulnerability scans is an essential component of a vulnerability management solution. Vulnerability scanners can sometimes disrupt the networks and systems that they scan. If available network bandwidth becomes very limited during an organization's peak hours, then vulnerability scans should be scheduled to run during off hours.

If some systems on a network become unstable or behave erratically when scanned, they might need to be excluded from vulnerability scans, or the scans may need to be fine-tuned to be less disruptive. Adaptive scanning is a new approach to further automating and streamlining vulnerability scans based on changes in a network. For example, when a new system connects to a network for the first time, a vulnerability scanner will scan just that system as soon as possible instead of waiting for a weekly or monthly scan to start scanning that entire network.

Vulnerability scanners aren't the only way to gather system vulnerability data anymore, though. Endpoint agents allow vulnerability management solutions to continuously gather vulnerability data from systems without performing network scans. This helps organizations maintain up-to-date system vulnerability data whether or not, for example, employees' laptops are connected to the organization's network or an employee's home network.

Regardless of how a vulnerability management solution gathers this data, it can be used to create reports, metrics, and dashboards for a variety of audiences.

Step 2: Evaluating Vulnerabilities
After vulnerabilities are identified, they need to be evaluated so the risks posed by them are dealt with appropriately and in accordance with an organization's risk management strategy. Vulnerability management solutions will provide different risk ratings and scores for vulnerabilities, such as Common Vulnerability Scoring System (CVSS) scores. These scores are helpful in telling organizations which vulnerabilities they should focus on first, but the true risk posed by any given vulnerability depends on some other factors beyond these out-of-the-box risk ratings and scores.

Here are some examples of additional factors to consider when evaluating vulnerabilities:

* Is this vulnerability a true or false positive?
* Could someone directly exploit this vulnerability from the Internet?
* How difficult is it to exploit this vulnerability?
* Is there known, published exploit code for this vulnerability?
* What would be the impact to the business if this vulnerability were exploited?
* Are there any other security controls in place that reduce the likelihood and/or impact of this vulnerability being exploited?
* How old is the vulnerability/how long has it been on the network?

Like any security tool, vulnerability scanners aren't perfect. Their vulnerability detection false-positive rates, while low, are still greater than zero. Performing vulnerability validation with penetration testing tools and techniques helps weed out false positives so organizations can focus their attention on dealing with real vulnerabilities. The results of vulnerability validation exercises or full-blown penetration tests can often be an eye-opening experience for organizations that thought they were secure enough or that the vulnerability wasn't that risky.

Step 3: Treating Vulnerabilities
Once a vulnerability has been validated and deemed a risk, the next step is prioritizing how to treat that vulnerability with the original stakeholders in the business or network. There are different ways to treat vulnerabilities, including:

* Remediation: Fully fixing or patching a vulnerability so it can't be exploited. This is the ideal treatment option that organizations strive for.
* Mitigation: Lessening the likelihood and/or impact of a vulnerability being exploited. This is sometimes necessary when a proper fix or patch isn't yet available for an identified vulnerability. This option should ideally be used to buy time for an organization to eventually remediate a vulnerability.
* Acceptance: Taking no action to fix or otherwise lessen the likelihood/impact of a vulnerability being exploited. This is typically justified when a vulnerability is deemed a low risk, and the cost of fixing the vulnerability is substantially greater than the cost incurred by an organization if the vulnerability were to be exploited.

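The following is an added example, not code from the original page or from any vendor's product: it turns the Step 2 evaluation factors (validation status, Internet exposure, published exploit code, compensating controls, age on the network) into an adjusted risk score on top of the scanner's CVSS value, then maps each finding to one of the Step 3 treatments (remediate, mitigate, accept). The weights, thresholds, `Finding` fields and sample findings are all constructed assumptions.

```python
# Added example, not from the original page: score findings with the Step 2
# factors and map each to a Step 3 treatment. Weights and data are constructed.
from dataclasses import dataclass

@dataclass
class Finding:
    host: str
    cve: str                    # placeholder ids, not real advisories
    cvss: float                 # out-of-the-box scanner score
    validated: bool             # confirmed real (not a false positive)
    internet_exposed: bool
    exploit_published: bool
    compensating_control: bool
    patch_available: bool
    days_open: int

def risk_score(f: Finding) -> float:
    """CVSS adjusted by the contextual factors the page lists (assumed weights)."""
    if not f.validated:
        return 0.0                      # a false positive carries no risk
    score = f.cvss
    if f.internet_exposed:
        score += 2.0                    # directly exploitable from the Internet
    if f.exploit_published:
        score += 1.5                    # published exploit code lowers attacker effort
    if f.compensating_control:
        score -= 3.0                    # an existing control lowers likelihood/impact
    score += min(f.days_open / 30, 3.0) # age on the network, capped at +3
    return max(0.0, min(score, 10.0))

def treatment(f: Finding) -> str:
    """Remediate when a fix exists, mitigate to buy time, accept low risk."""
    score = risk_score(f)
    if score == 0.0:
        return "close (false positive)"
    if score < 3.0:
        return "accept"
    return "remediate" if f.patch_available else "mitigate"

def prioritize(findings):
    """Highest adjusted risk first, as (host, cve, score, treatment) tuples."""
    ranked = sorted(findings, key=risk_score, reverse=True)
    return [(f.host, f.cve, round(risk_score(f), 1), treatment(f)) for f in ranked]

SAMPLE_FINDINGS = [  # constructed sample data
    Finding("web-01", "CVE-EXAMPLE-1", 7.5, True, True, True, False, True, 45),
    Finding("db-02", "CVE-EXAMPLE-2", 9.8, True, False, False, True, False, 10),
    Finding("hr-laptop", "CVE-EXAMPLE-3", 4.3, False, False, False, False, True, 120),
    Finding("print-07", "CVE-EXAMPLE-4", 2.1, True, False, False, False, True, 5),
]
```

Calling `prioritize(SAMPLE_FINDINGS)` ranks the Internet-facing host with public exploit code first even though its raw CVSS is lower than the database server's, whose compensating control pulls it down to a mitigation candidate.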
Vulnerability management solutions provide recommended remediation techniques for vulnerabilities. Occasionally a remediation recommendation isn't the optimal way to remediate a vulnerability; in those cases, the right remediation approach needs to be determined by an organization's security team, system owners, and system administrators. Remediation can be as simple as applying a readily-available software patch or as complex as replacing a fleet of physical servers across an organization's network.

When remediation activities are completed, it's best to run another vulnerability scan to confirm that the vulnerability has been fully resolved.

However, not all vulnerabilities need to be fixed. For example, if an organization's vulnerability scanner has identified vulnerabilities in Adobe Flash Player on their computers, but they completely disabled Adobe Flash Player from being used in web browsers and other client applications, then those vulnerabilities could be considered sufficiently mitigated by a compensating control.

Step 4: Reporting Vulnerabilities
Performing regular and continuous vulnerability assessments enables organizations to understand the speed and efficiency of their vulnerability management program over time. Vulnerability management solutions typically have different options for exporting and visualizing vulnerability scan data with a variety of customizable reports and dashboards. Not only does this help IT teams easily understand which remediation techniques will help them fix the most vulnerabilities with the least amount of effort, or help security teams monitor vulnerability trends over time in different parts of their network, but it also helps support organizations' compliance and regulatory requirements.

Staying Ahead of Attackers through Vulnerability Management
Threats and attackers are constantly changing, just as organizations are constantly adding new mobile devices, cloud services, networks, and applications to their environments. With every change comes the risk that a new hole has been opened in your network, allowing attackers to slip in and walk out with your crown jewels.

Every time you get a new affiliate partner, employee, client or customer, you open up your organization to new opportunities, but you're also exposing it to new threats. Protecting your organization from these threats requires a vulnerability management solution that can keep up with and adapt to all of these changes. Without that, attackers will always be one step ahead.

Find, prioritize, and reduce risk in your environment with InsightVM



