Vulnerability Management
A good vulnerability detection, remediation, and continuous monitoring policy is necessary to mitigate threats.
This policy also establishes a systematic framework to identify, assess, prioritize, and mitigate vulnerabilities in servers that interact with the Solana network, ensuring confidentiality, integrity, and availability.
Scope
Applies to all physical or virtual servers running nodes, RPC endpoints, validators, or pentesting tools on the Solana network, in both production and test environments. This includes servers deployed on the Solana network (mainnet/testnet).
Vulnerability Identification
Vulnerability scans will be performed monthly by the security team.
Tools used:
• Nmap: for detection of open ports and exposed services.
• Nessus: for in-depth scanning of known vulnerabilities.
• OpenVAS: for detailed analysis and correlation with CVEs.
Additional scans will be performed:
• After critical updates to the Solana system or software.
• Upon publication of new relevant CVEs.
Evaluation and Prioritization
A risk score based on CVSS v3.1 will be assigned.
Classification:
• Critical (CVSS ≥ 9.0): Mitigation in < 24 hours.
• High (7.0 ≤ CVSS < 9.0): Mitigation in < 72 hours.
• Medium (4.0 ≤ CVSS < 7.0): Mitigation in < 7 days.
• Low (CVSS < 4.0): Quarterly assessment.
Treatment
• Patching via apt, Docker container updates, or recompiling binaries.
• Where no patch is available, compensating controls such as network isolation, firewall rules, or disabling the affected service will be applied.
• All actions will be logged in the vulnerability log.
Verification and Monitoring
Once remediated, the systems must be reverified and monitored.
• Rescans will be performed after each mitigation.
• A history of vulnerabilities and corrective actions will be maintained for at least 12 months.
• Internal audits will verify compliance with this policy every quarter.
Continuous Improvement
This policy will be reviewed annually or after significant security incidents. New tools or methodologies will be incorporated as the Solana ecosystem evolves and threats emerge.