Maximizing an Organization’s Information Security Posture by Distributed Assessment and Remedy of System Vulnerabilities

Abstract Updating systems for security vulnerabilities has become a cumbersome yet necessary evil in today’s environment of zero-day exploits and ever-changing threat matrix. The current state of affairs for the vulnerability and threat management functions are in dire need of a solution that can rapidly assess systems for vulnerabilities and fix them expeditiously. This will guarantee the effective reconnaissance of critical vulnerabilities in a more concise and cohesive fashion throughout all industries affected by the inherent risk in systems and applications, This will also help defend against super-fast worms and other malicious mobile code that can blaze through an organization’s network leaving a path of compromised systems and reduced availability. The top-down centralized model for vulnerability assessment and remediation has proven inefficient and riddled with multiple vulnerabilities itself; the irony is befuddling. In this paper, we propose a framework to enhance an organization’s information security posture by distributedly assessing and remedying system vulnerabilities. By creating and utilizing the proposed framework, we can ensure more vigilance, a progressive and reactive implementation of a patch-management and worm defense strategy, and increased efficiency in the distribution of updates. Malicious mobile code, specifically worms, are very efficient in their distribution, this is because they are able to infect other systems in a peer-to-peer distributed fashion. By utilizing a similar approach to vulnerability assessment and patch management we can ensure a higher coverage and redundancy for all systems within and organization. The framework proposed in this paper is timely since most peer-to-peer distribution models focus more on content delivery and resource allocation. I