Security Patching

Benefits of Security Patching
- Mitigates software vulnerabilities, reducing risk of system exploitation
- Maintains software and systems at vendor baseline, reducing future performance issues
- Reduces risk of theft of sensitive information (e.g., personal, proprietary, controlled)
- Reduces risk of malware injection into proprietary products
- Important part of system and software maintenance

Know Which Security Patches are Needed
- Identify operating system and applications by version on the network
- Use vendor proprietary tools to identify systems that require patches
- Sign up with vendors for notification of new security patches for specific versions in use - eliminates wasted labor reviewing patch advisories for versions not in use
- Purchase a security service that tracks and sends vulnerability alerts for security patches released by vendors - includes risk data for SLA decisions
  - Ex: https://www.riskbasedsecurity.com/
- Sign up with cyber-security organizations to receive vulnerability newsletters
  - Ex: https://www.sans.org/newsletters/at-risk
  - Ex: https://www.us-cert.gov/ncas/alerts
- Monitor cyber-security websites that discuss vulnerabilities
  - Ex: https://nvd.nist.gov/
  - Ex: https://cve.mitre.org/

Use Automation to Test & Deploy Patches
- System Center Configuration Manager (SCCM)
  - Use to deploy Microsoft and other vendor security patches
  - Use to identify applicable systems - target list
  - Use to generate compliance reports on patched percent
- Vendor proprietary automation tool to identify and patch systems using enterprise admin console & agent on systems
  - SCCM - Microsoft: https://www.microsoft.com/en-us/cloud-platform/system-center-configuration-manager
  - Red Hat Satellite Server: https://access.redhat.com/products/red-hat-satellite
- Deploy patches to test development group/s - identify groups for specific products
- If no issues, approve PRODUCTION patch deployment across the network

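
The version-based advisory filtering, target list and patched-percent report described on the two slides above, as an added Python example (not part of the presentation, and not how SCCM or Red Hat Satellite work internally). Host names, products, versions and the advisory feed are constructed sample data.

```python
from dataclasses import dataclass

def ver(s):
    """Parse a dotted version such as '2.4.1' into a comparable tuple."""
    return tuple(int(p) for p in s.split("."))

@dataclass(frozen=True)
class Advisory:
    product: str
    fixed_in: str   # first version that contains the fix
    risk: str       # risk rating delivered with the alert, used for SLA ordering

# Constructed inventory: host -> (deployment group, {product: installed version})
INVENTORY = {
    "dev-web-01":  ("test",       {"exampled": "2.4.1", "examplelib": "1.0.9"}),
    "prod-web-01": ("production", {"exampled": "2.4.1", "examplelib": "1.1.0"}),
    "prod-web-02": ("production", {"exampled": "2.4.3", "examplelib": "1.0.9"}),
    "prod-db-01":  ("production", {"exampledb": "9.6.2"}),
}
# Constructed advisory feed, including one for a product that is not in use.
ADVISORIES = [
    Advisory("examplelib", "1.1.0", "medium"),
    Advisory("unusedapp", "7.0.0", "high"),
    Advisory("exampled", "2.4.3", "high"),
]
RISK_ORDER = {"high": 0, "medium": 1, "low": 2}

def relevant(advisories, inventory):
    """Drop advisories for products that are not installed anywhere."""
    in_use = {p for _, products in inventory.values() for p in products}
    return [a for a in advisories if a.product in in_use]

def target_list(adv, inventory):
    """Hosts running the product below the fixed version, test group first."""
    hits = [(group != "test", host)
            for host, (group, products) in inventory.items()
            if adv.product in products
            and ver(products[adv.product]) < ver(adv.fixed_in)]
    return [host for _, host in sorted(hits)]

def patched_percent(adv, inventory):
    """Percent of hosts running the product that already have the fix."""
    seen = [ver(p[adv.product]) for _, p in inventory.values() if adv.product in p]
    return round(100 * sum(v >= ver(adv.fixed_in) for v in seen) / len(seen), 1)

def report(advisories, inventory):
    """One row per relevant advisory, highest risk first."""
    rows = sorted(relevant(advisories, inventory), key=lambda a: RISK_ORDER[a.risk])
    return [(a.product, a.risk, target_list(a, inventory),
             patched_percent(a, inventory)) for a in rows]

if __name__ == "__main__":
    for row in report(ADVISORIES, INVENTORY):
        print(row)
```
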
Company Policy & Communications
- Identify standard security patching schedules so internal customers can plan work around patching tasks
- High risk vulnerabilities - test immediately and patch once testing is complete
- Via announcements, make employees aware of security patching prior to patch deployment
- Let employees know whether patching will require reboot of system
- Coordinate patching of servers with server stakeholders