2 Patch Management
Any good patch management program consists of automatic and manual patching processes and techniques. Given the dynamic nature of infrastructure, it should be a continuous process of evaluating what's working, what's being patched, and what's missing. Without a strong vulnerability management program, systems can become outdated or reach EOL. Similarly, without a scheduled and regimented plan, systems will be left exposed to zero-day vulnerabilities for days, weeks, or longer, as happened with MOVEit or SolarWinds.
Foundations of Patch Management
Despite all the industry buzz about the latest flashy zero-day vulnerability, malicious actors are regularly targeting “vintage vulnerabilities”—vulnerabilities with existing patches that are known to be exploited in the wild (www.rezilion.com/blog/report-vintage-vulnerabilities-never-go-out-of-fashion). This is because, even when a vulnerability is known to be exploited and a patch exists, organizations still struggle with remediation capacity: on average they are able to remediate only 1 out of 10 new vulnerabilities per month. Figure 2.1 displays the layers of patch management activities that would take place in any IT infrastructure, whether cloud or on-premises.
Each organization must determine what patch management process will work best for them, but the basics include a comprehensive inventory; maintenance windows, tools, or processes to automate patching; and processes for reboots or taking ...