This week I wrote a blog post over at AlienVault entitled, Internal Scanning for PCI Compliance—Not Sexy but Necessary. Many of us who work in security started our careers doing some kind of vulnerability chasing. It’s our version of firefighting. Look for a vulnerability, patch it, and repeat. As our environments grow, the fervor with which we perform this endless cycle builds until we realize that it’s ultimately unsustainable. That’s when we start to look to treat the cause with the symptom.
Go check out the post and let me know what you think. Does IT Hygiene end up being one of the root causes to vulnerability wildfires in our organizations? How do small businesses with little to no IT staff combat issues like these?