Enterprises will increase their reliance on automation over the next few years to close vulnerability gaps with as little human engagement as possible, Swimlane Chief Strategy Officer and Co-founder Cody Cornell told SDxCentral.

Rapid tech sprawl and the rotating cast of best practices make day-to-day vulnerability lifecycle management – the process of identifying, evaluating, prioritizing, and resolving vulnerabilities in a network or system – one of the toughest IT roles, Cornell argued. "Just tracking the mountain of active work and outstanding tasks is overwhelming and makes the job extremely difficult to do successfully," he said.

Strong vulnerability management programs rely on internal and external resources for vulnerability identification methods, and they notify teams of possible repercussions while helping them prioritize and manage both remediation and the verification of those remediation efforts. Reporting and situational awareness via dashboards and reports, Cornell added, are crucial for organizations to navigate the moving parts of vulnerability management.

Thanks to rapid adoption of cloud services, IoT, software-as-a-service (SaaS) products, and remote work environments "coupled with the rapid speed at which services, applications, APIs, and other aspects of an organization's technology stack change," teams are feeling the pressure to keep the entire "organization abreast of how risk is fluctuating in near real-time," and "what preventive measures – if any – exist," he explained.

Although that function takes a lot of work, it's essential if enterprises want to prevent vulnerabilities as they emerge, and before they damage the organization's security posture and reputation. "New vulnerability data must be continuously imported, evaluated, and verified by security teams, and teams must then submit their mitigating actions for approval. The following steps require delegation, follow-ups, and validation, all of which take time to complete manually," he noted.

Another significant factor impacting vulnerability management is the increasing prevalence of hybrid and multi-cloud environments. The "device diversity" caused by varying cloud architectures, mobile devices, and IoT further complicates vulnerability management, and with "IP-enabled devices in the enterprise showing no signs of slowing down, organizations’ ability to track, identify, remediate, and validate vulnerabilities are only going to get more difficult," he noted.

Automation, however, helps businesses secure their data more effectively while streamlining operations. Cornell highlighted how automated vulnerability management can detect and fix risks associated with unpatched, unknown, or incorrectly configured systems, cloud services, and endpoints. In turn, skilled workers save their time, expertise, and energy for better use elsewhere, because "the tedious monitoring and management of vulnerabilities is done automatically," he said.