Whenever the Defense Department’s Computer Emergency Response Team Coordination Center sends out a vulnerability alert, each DOD systems administrator must acknowledge it and respond with a plan for closing the hole. “The notification and response is becoming more automated,” said a security manager at a DOD software development shop, who contacted GCN and asked that neither he nor his agency be named in print. “The problem is that the remediation is manual. When you get two or three alerts an hour, it gets out of control.” The DOD security manager said he uses the Hercules automated remediation tool from Citadel Security Software Inc. of Dallas to cut the time for fixing flaws in multiple machines from weeks to days or hours. “There was a lot of gnashing of teeth in getting the purse strings loosened” to buy the software, he said. Now his headquarters recommends it to other agencies because “it’s a great force multiplier.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.