Did you ever wonder what happens AFTER you successfully install a new software application on your server? From a pure IT standpoint, the job is pretty much done when the user begins to input data and use the app. For security personnel, it’s a different story.
Installing new application software can create all sorts of new vulnerabilities. Even software from large developers can open ports, run extraneous services and broadcast sensitive information. This goes double for smaller developers or niche applications. We’ve had several experiences with this at our accounts: our monthly external vulnerability scans would show nothing for several cycles, then suddenly three red marks would show up. Invariably, the warnings were traced to the addition of a new application, or an upgrade of an existing one.
So, if you don’t do vulnerability scans on your network regularly (and you know who you are), at least do one before a major upgrade or install, then do another immediately afterwards, to see what changes.
You might be surprised, but better you than your boss!
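One way to do the before-and-after comparison described above, as an added example that is not part of the original post. It assumes both scans were saved in nmap's grepable (`-oG`) output format; the sample scan text, host names and addresses are constructed.

```python
import re

# Constructed sample scans in nmap grepable (-oG) form; hosts use documentation-range addresses.
BEFORE = """\
Host: 192.0.2.10 (app01.example.test)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///\tIgnored State: closed (998)
Host: 192.0.2.11 (db01.example.test)\tPorts: 22/open/tcp//ssh///\tIgnored State: closed (999)
"""
AFTER = """\
Host: 192.0.2.10 (app01.example.test)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, 8080/open/tcp//http-proxy///, 161/open/udp//snmp///\tIgnored State: closed (996)
Host: 192.0.2.11 (db01.example.test)\tPorts: 22/open/tcp//ssh///, 3306/filtered/tcp//mysql///\tIgnored State: closed (998)
"""

def open_ports(grepable):
    """Return {(host, port, proto): service} for every port reported open."""
    found = {}
    for line in grepable.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # status lines and comments carry no port list
        host, ports = m.groups()
        for entry in ports.split(","):
            # Each entry is port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) >= 5 and fields[1] == "open":
                found[(host, int(fields[0]), fields[2])] = fields[4]
    return found

def scan_delta(before, after):
    """Compare two scans; return (newly_open, no_longer_open) as sorted lists."""
    b, a = open_ports(before), open_ports(after)
    new = sorted((h, p, proto, a[(h, p, proto)]) for (h, p, proto) in a.keys() - b.keys())
    gone = sorted((h, p, proto, b[(h, p, proto)]) for (h, p, proto) in b.keys() - a.keys())
    return new, gone

if __name__ == "__main__":
    new, gone = scan_delta(BEFORE, AFTER)
    for host, port, proto, svc in new:
        print(f"NEW   {host} {port}/{proto} ({svc})")
    for host, port, proto, svc in gone:
        print(f"GONE  {host} {port}/{proto} ({svc})")
```

Ports reported as filtered or closed are ignored, so only services that actually became reachable after the install show up as new.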