2 Patch Management
Any good patch management program consists of automatic and manual patching processes and techniques. Given the dynamic nature of infrastructure, it should be a continuous process of evaluating what's working, what's being patched, and what's missing. Without a strong vulnerability management program, systems can become outdated or reach EOL. Similarly, without a scheduled and regimented plan, systems will be left vulnerable for days, weeks, or longer to zero-day vulnerabilities like those seen at MOVEit or SolarWinds.
Foundations of Patch Management
Despite all the industry buzz about the latest flashy zero-day vulnerability, malicious actors are regularly targeting “vintage vulnerabilities”—vulnerabilities with existing patches that are known to be exploited in the wild (www.rezilion.com/blog/report-vintage-vulnerabilities-never-go-out-of-fashion). This is because, despite these vulnerabilities being known to be exploited and having existing patches, organizations still struggle with remediation capacity, on average only being able to remediate 1 out of 10 new vulnerabilities per month. Figure 2.1 displays the layers of patch management activities that would take place in any IT infrastructure, whether cloud or on-premises.
Each organization must determine what patch management process will work best for them, but the basics include a comprehensive inventory; maintenance windows, tools, or processes to automate patching; and processes for reboots or taking ...