New Search

If you are not happy with the results below please do another search

1 search result for:

1

The Vulnerability Remediation Challenge and Patch Tuesday

For the past twelve years, Microsoft’s Patch Tuesday has been a monthly reminder of the challenges with vulnerability remediation. For IT and security teams, Patch Tuesday means it’s time to assess another batch of security updates and decide which ones to deploy and when, and which ones to either defer, indefinitely or at least temporarily. Microsoft’s steady stream of updates, combined with those from other enterprise vendors, is enough to keep IT teams very busy. And then there’s the periodic “BIG ONE’s” such as Heartbleed, Shellshock, or Poodle that have widespread impact (more work) and invite intensive executive-level interest (more oversight) in the vulnerability remediation process. As quickly as IT and security operators familiarize themselves with new vulnerabilities and updates, so do cybercriminals— as means of creating, trading, or renting exploits. And with profit as motivation, cybercriminals are at least as attentive as IT staffs, if not more so. While these bad actors have access to easily deployed exploits and can choose their targets, every organization is facing tighter budgets and a growing numbers of devices and applications. In this cyberwar, the cybercriminals are better equipped for their mission than the defenders inside the organization. While very informative, the details […]