Information Security
  /  
Security Offerings
Vulnerability Management

Northwestern provides free vulnerability assessments for network infrastructure, related devices such as system front end (laptops and desktops) and back end (servers), and embedded devices (routers, switches, hubs, firewalls, printers, wireless access devices, and research equipment). Qualys is the cloud-based solution that automates the steps needed to assess vulnerabilities in order to manage and reduce threats. Qualys looks at operating systems vulnerabilities, as well as known issues relating to software configuration and outdated software versions.

McCormick runs a twice-daily full port data collection to “map” assets in our network as seen from the Internet and intranet. A map tries to use exactly the same discovery and information gathering techniques that will be used by an attacker. After discovering live devices, we are able to analyze them for vulnerabilities and begin remediation. 

Qualys uses its CVE-compliant KnowledgeBase to assign a severity level to each known vulnerability, which is determined by the security risk associated with its exploitation. The service also takes into consideration factors like complexity of the exploit and likelihood of the exploit to work under normal conditions. Network location and privileges needed by an attacker to execute a successful attack are considered. Prevalence of the affected software and existence of known attacks, worm or malware also plays a role.

McCormick prioritizes the remediation of critical and urgent severity levels to prevent intruders from gaining control of the asset and allowing the attacker to perform the most serious offenses, such as full read and write access to files, remote execution of commands, and/or a listing of all the users on the host.