The Truth About Patch Validation – Charles Leaver

Written By Logan Gilbert And Presented By Charles Leaver

 

Intro

A recent report shows that almost twenty thousand new software vulnerabilities were discovered in 2017, an all-time record. Consider that for a second. That's approximately fifty-five new vulnerabilities per day, which is a lot for any IT shop to manage.

Now there's good news and bad news. The good news is that patches were available for 86% of those vulnerabilities on the day they were disclosed. The bad news is that many companies continue to struggle with patch prioritization, application, and validation. And as IT workloads progressively migrate to the cloud, vulnerability visibility tends to decrease, exacerbating an already difficult problem.

Let's take a closer look at ways to manage cloud patch validation effectively.

First, a Patch Management Primer

Patch management is the practice of updating software applications with code changes that address vulnerabilities exploitable by attackers. Although it has been around for decades, patch management remains a difficult process for many IT organizations.

Modern businesses have complicated IT environments with many integration points between business systems. That makes it hard for software developers to account for every unintended consequence of a patch, e.g., a piece of code that might close a port, disable critical infrastructure communication, or even crash its host server.

Even so, focusing on the reliable patching of known vulnerabilities is the undeniable 'big bang for the buck' play. In 2017, Gartner stated that 99% of exploits are based on vulnerabilities that have already been known to security and IT professionals for at least one year.

Cloud Patching Principles

The first key to closing the right vulnerabilities in your cloud IT infrastructure is being able to see everything. Without visibility into your cloud systems and applications, you cannot know whether those systems and applications are patched where it matters most. The second key is patch validation. Simply firing off a patch is no assurance that it was applied successfully. It may or may not have actually deployed.

How would you be sure of this?

The Ziften Approach

Ziften offers the visibility and validation you need to ensure your cloud IT environment is safe and secure from the vulnerabilities that matter most:

– Comprehensive capture of discovered OS and application vulnerabilities

– Findings mapped to vulnerability intelligence sources, e.g., OWASP, CIS, CVE, CWE, and OSVDB

– Detailed explanations of the implications of findings, business impacts, and risks for each of the identified exposures

– Vulnerability prioritization based on asset criticality and risk of attack

– Remediation recommendations to close identified deficiencies

– Detailed steps to follow while mitigating reported deficiencies

– Detection and mitigation of attacks that exploit unpatched systems, with quarantine procedures

Far too often we find that the data from customers' patching systems incorrectly reports that vulnerabilities are patched. This creates a false sense of security that is unacceptable for IT operations and security operations teams.
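As an added illustration of the validation step described above (this is not code from the article or from Ziften), the sketch below cross-checks what a patching system claims against versions independently observed on each host. The hosts, package names, versions, and status strings are constructed sample data.

```python
# Constructed sample data (hypothetical hosts, packages and versions).
# What the patching system claims, keyed by (host, package):
PATCH_TOOL_REPORT = {
    ("web-01", "libfoo"): "patched",
    ("web-02", "libfoo"): "patched",
    ("db-01", "libfoo"): "failed",
    ("db-01", "agentd"): "patched",
    ("app-01", "agentd"): "failed",
}
# What an independent inventory scan found (db-01/agentd was not visible):
OBSERVED = {
    ("web-01", "libfoo"): "2.4.10",
    ("web-02", "libfoo"): "2.4.9",
    ("db-01", "libfoo"): "2.4.10",
    ("app-01", "agentd"): "1.0.3",
}
# First version of each package that contains the fix:
FIXED_IN = {"libfoo": "2.4.10", "agentd": "1.2.0"}

def parse_version(v):
    """Turn '2.4.10' into (2, 4, 10) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in v.split("."))

def validate(report, observed, fixed_in):
    """Return {(host, pkg): verdict} by checking each claim against the host."""
    results = {}
    for (host, pkg), claimed in report.items():
        seen = observed.get((host, pkg))
        if seen is None:
            verdict = "UNVERIFIED"         # no visibility: claim cannot be trusted
        else:
            fixed = parse_version(seen) >= parse_version(fixed_in[pkg])
            if claimed == "patched" and not fixed:
                verdict = "FALSE_PATCHED"  # tool says patched, host is not
            elif claimed != "patched" and fixed:
                verdict = "STALE_REPORT"   # host is fixed, tool record is wrong
            elif fixed:
                verdict = "CONFIRMED"
            else:
                verdict = "STILL_VULNERABLE"
        results[(host, pkg)] = verdict
    return results

if __name__ == "__main__":
    for key, verdict in sorted(validate(PATCH_TOOL_REPORT, OBSERVED, FIXED_IN).items()):
        print(key, verdict)
```

Note that web-02 would pass a naive string comparison, because "2.4.9" sorts after "2.4.10" lexically; parsing the version numerically is what exposes the false "patched" report.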
