Patch Validation 101 – Chuck Leaver

Written By Logan Gilbert And Presented By Chuck Leaver

 

Introduction

A recent report indicates that nearly twenty thousand new software vulnerabilities were found in 2017, an all-time high. Consider that for a second. That's approximately fifty-five new vulnerabilities each day, a large number for any IT shop to manage.

Now there's good news and bad news. The good news is that patches were available for 86% of those vulnerabilities on the day they were disclosed. The bad news is that a lot of companies continue to struggle with patch prioritization, application, and validation. And as IT tasks increasingly migrate to the cloud, vulnerability visibility tends to decrease, compounding an already hard problem.

Let’s take a more detailed look at ways to manage cloud patch validation effectively.

First, a Patch Management Primer

Patch management is the practice of updating software with code changes that address vulnerabilities exploitable by attackers. Even though it has been around for years, patch management remains a challenging process for most IT organizations.

Modern businesses have complex IT environments with numerous integration points between business systems. That makes it hard for software developers to account for every unintended effect, e.g., a condition that could close a port, disable critical infrastructure communication, or even crash the host server.

Concentrating on the effective patching of known vulnerabilities is unquestionably the 'biggest bang for the buck' play. In 2017, Gartner reported that ninety-nine percent of exploits are based on vulnerabilities that have already been known to IT and security professionals for at least one year.

Cloud Patching Principles

The first key to closing the right vulnerabilities in your cloud IT infrastructure is being able to see everything. Without visibility into your cloud systems and applications, you cannot really know whether they are patched where it matters. The second key is patch validation. Simply pushing out a patch is no guarantee that it was applied correctly; it may or may not have actually deployed successfully.

How can you be sure?

The Ziften Approach

Ziften provides the visibility and validation you need to ensure your cloud IT environment is protected from the vulnerabilities that matter most:

– In-depth capture of discovered OS and application vulnerabilities

– Findings mapped to vulnerability reference points, e.g., OWASP, CIS, CVE, CWE, and OSVDB

– Detailed descriptions of the implications of findings, business impacts, and risks for each identified exposure

– Vulnerability prioritization based upon asset criticality and risk of attack

– Remediation recommendations to close identified deficiencies

– Detailed steps to follow while mitigating reported deficiencies

– Detection and mitigation, with quarantine procedures, of attacks that exploit unpatched systems

Far too often we find that data from clients' patching systems incorrectly reports that vulnerabilities are in fact patched. This breeds a complacency that is unacceptable for IT operations and security operations teams.
