SCM in Practice: How to Strengthen Your Organization’s Security Processes

6 years ago David Bisson

Security configuration management (SCM) involves maintaining a secure baseline configuration for an organization’s systems and monitoring those assets for deviations from that baseline. This fundamental control pairs well with other elements of an organization’s security strategy. As such, SCM enables security teams to harden their organization’s cloud workloads, industrial environments and other IT assets against digital threats.

There’s just one question: how can security teams best implement SCM in practice?

This blog post will begin by discussing the four integral processes of SCM. Next, it will dive into four other elements of SCM which security teams should know about. Understanding these eight components will give security teams a foundation on which they can both create and strengthen their organization’s SCM program.

The Four Integral Processes of SCM

No one wants their organization’s systems to become misconfigured. But when that does happen, you want to make sure you automatically receive a notification that offers detailed remediation instructions on how you can return that asset to its secure baseline. It’s therefore important for your security team to go with an SCM tool that automates the following four processes:

  1. Device Discovery: Security teams can’t protect an IT asset if they don’t know about it. If the organization’s SCM program is to be successful, security professionals need to make sure they have an up-to-date asset inventory that contains everything that’s installed on the network. It’s not always easy to make such an inventory manually. Employees from other departments might be able to add new assets onto the organization’s IT infrastructure, for instance, which would make discovery difficult. That’s why it’s important for security teams to invest in an SCM tool that ideally comes with an integrated asset management repository. Such a capability will help security team members to discover assets automatically and to then categorize/tag them appropriately.
  2. Establish Your Baseline: Once they know what’s on the network, security team members need to come up with a secure baseline for each asset. Security professionals can use benchmarks from the Center for Internet Security (CIS) and the National Institute of Standards and Technology (NIST) to get started in defining these configurations. They should also leverage existing security policies and business requirements to focus in on the assets that matter most to the organization.
  3. Manage Changes: With a baseline provided for the organization’s systems, the SCM solution can get to work monitoring for and alerting on changes to that baseline. Security teams have the option of conducting real-time assessments so that they can receive notifications on an ongoing basis. However, this might not be necessary for some of their use cases, so they should decide upon a frequency that works best for them.
  4. Remediate: It’s important that security teams have the ability to receive notifications for when a change to the baseline occurs. A notification should include essential information including what remediation steps can be taken to return the asset to its secure configuration. Using that information, security teams can verify for an auditor that an expected change took place. It’s therefore important that security professionals have an SCM tool that enables them to prioritize what information is coming through.

Four Other Important SCM Processes

Device discovery, establishing a baseline, change management and remediation together form the foundation of an organization’s SCM program. But there’s more to do from there. In particular, security professionals need to pay special attention to maintaining their policy libraries, monitoring for change, creating remediation workflows and using reports and dashboards as part of their SCM program.

Maintaining Policy Libraries

Policies form a crucial part of a successful SCM program. They contain standards with which monitored systems on the organization’s network must comply. To make it easy for themselves, organizations should make sure that whatever SCM tool they’re using has built-in policy content so that they can test against security benchmarks such as the CIS Controls and PCI DSS.

To get the most out of their solution, however, they also need to make sure that their policy content is accurate and current. They should therefore invest in a solution that enables them to import policies as well as to create their own. That solution should also allow the organization to grant waivers to certain assets based upon a business requirement, apply multiple policies to devices and tag their assets to streamline the SCM process across certain parts of the network.
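The baseline comparison from the four integral processes, combined with the policy-library features described above (several policies per asset, selected by tag, plus waivers), can be sketched as follows. This is an added example, not code from the original post or from any SCM product; every policy name, rule ID, asset name and setting in it is a constructed sample.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    rule_id: str       # constructed ID, not a real benchmark identifier
    setting: str
    expected: object
    remediation: str   # guidance carried with the policy content

# Policy library (constructed sample content): policy name -> rules
POLICIES = {
    "linux-ssh": [
        Rule("SSH-1", "PermitRootLogin", "no", "Set PermitRootLogin no; reload sshd"),
        Rule("SSH-2", "PasswordAuthentication", "no", "Set PasswordAuthentication no; reload sshd"),
    ],
    "logging": [Rule("LOG-1", "auditd_enabled", True, "Enable and start auditd")],
}
# Tags select policies, so one asset can fall under several policies
TAG_POLICIES = {"linux": ["linux-ssh", "logging"], "jump-host": ["linux-ssh"]}
# Waivers: (asset, rule_id) -> recorded business requirement
WAIVERS = {("legacy-01", "SSH-2"): "Vendor appliance requires password auth"}
# Constructed inventory: asset -> (tags, observed settings)
INVENTORY = {
    "web-01": (["linux"], {"PermitRootLogin": "yes",
                           "PasswordAuthentication": "no", "auditd_enabled": True}),
    "legacy-01": (["linux", "jump-host"], {"PermitRootLogin": "no",
                                           "PasswordAuthentication": "yes"}),
}

def assess(asset):
    """Return (findings, waived) for one inventoried asset."""
    tags, observed = INVENTORY[asset]
    findings, waived, seen = [], [], set()
    rules = [(p, r) for t in tags for p in TAG_POLICIES.get(t, []) for r in POLICIES[p]]
    for policy, rule in rules:
        if rule.rule_id in seen:       # same rule reached through two tags
            continue
        seen.add(rule.rule_id)
        actual = observed.get(rule.setting, "<missing>")  # unset counts as drift
        if actual == rule.expected:
            continue
        record = {"asset": asset, "policy": policy, "rule": rule.rule_id,
                  "actual": actual, "expected": rule.expected, "fix": rule.remediation}
        if (asset, rule.rule_id) in WAIVERS:
            waived.append({**record, "waiver": WAIVERS[(asset, rule.rule_id)]})
        else:
            findings.append(record)
    return findings, waived
```

Calling `assess("legacy-01")` keeps the waived password-authentication deviation out of the alert list while still recording it with its justification, and it reports the unset audit setting as drift rather than silently passing it.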

Monitoring

Well-defined processes and policies are crucial to an effective SCM program. But they’re useless unless they help organizations to monitor their critical assets for change. They can do this using two different types of deployments:

  • Agents: Organizations install a piece of technology on the asset. This type of deployment provides detailed information because the agent monitors the asset directly.
  • Agentless: Organizations use remote access to monitor the asset from afar. This type of deployment is less disruptive than agent-based monitoring, as it accounts for unique network elements on which agents might not work.

Organizations have another decision to make. Regardless of whether they use agents, they need to determine how often to conduct SCM assessments. For instance, they can apply real-time change detection to their dynamic environments so as to receive alerts about modifications as soon as possible. But routers, network switches and firewalls don’t need that type of monitoring, thereby allowing organizations to monitor those assets for changes on a more periodic basis.

Remediation Workflows

Organizations need to know which assets are out of compliance with their secure baselines. But once they’ve found a deviation, they need to be able to correct it on a timely basis. They should therefore consider investing in an SCM solution whose policy content provides guidance on how security teams can remediate configuration issues. It should be able to integrate with an automated change management solution to further streamline the remediation process.

Reports and Dashboards

It’s important for security teams to figure out how they want to receive technical and higher-level information collected by the SCM solution. In particular, they should investigate what capabilities the tool offers in terms of prioritizing data and generating reports. They should also look into the dashboarding features so that the solution can help all interested parties, including non-technical employees, drill down into the SCM tool’s results for the purpose of fulfilling their work-related duties.

For more recommendations on how to strengthen your organization’s SCM program, download Tripwire’s eBook here.


FURTHER READING ON SCM:
  1. SCM: Understanding Its Place in Your Organization’s Digital Security Strategy
  2. 4 Areas of Your IT Infrastructure that SCM Can Help to Secure

The post “SCM in Practice: How to Strengthen Your Organization’s Security Processes” appeared first on TripWire

Source: TripWire – David Bisson
