Written By Logan Gilbert And Presented By Charles Leaver
A current report shows almost twenty thousand new software vulnerabilities were discovered in 2017 – an all-time record. Consider that for a second. That’s an average of fifty five brand-new vulnerabilities each day. That’s a lot for any IT shop to manage.
Now there’s good news and bad news. The good news is that patches were readily available for 86% of those vulnerabilities on the day of disclosure. The bad news is that a lot of companies continue to fight with patch prioritization, application, and validation. And as IT workloads increasingly migrate to the cloud, vulnerability visibility has the tendency to decrease – worsening a currently difficult challenge.
Let’s take a more detailed look at how to manage cloud patch validation successfully.
Initially, a Patch Management Primer
Patch management is the practice of upgrading software applications with code modifications that address vulnerabilities exploitable by cyber assailants. Despite the fact that it’s been around for years, patch management remains a challenging procedure for most IT companies.
Modern enterprises have intricate IT environments with multiple integration points in between organization systems. That means it is difficult for software designers to account for all unexpected consequences, e.g., a condition that might close a port, disable critical infrastructure interaction, and even crash its host server.
And focusing on the effective patching of recognized vulnerabilities is the undeniable ‘big bang for the buck’ play. In 2017, Gartner reported ninety nine percent of exploits are based upon vulnerabilities that have already been understood to security and IT specialists for at least one year.
Cloud Patching Basics
The very first key to shutting down the correct vulnerabilities in your cloud IT infrastructure is visibility. Without visibility into your cloud systems and applications, you cannot truly know if both those systems and applications are patched where it is crucial. The 2nd key is patch validating. Just shooting off a patch is no warranty that it triggered appropriately. It may, or might not, have actually deployed successfully.
How would you be sure of this?
The Ziften Approach
Ziften supplies the visibility and validation you require to guarantee your cloud IT environment is safe and protected from the vulnerabilities that are the most crucial:
– In-depth capture of discovered OS and application vulnerabilities
– Findings mapped to vulnerability insight references, e.g., OWASP, CIS, CVE, CWE, and OSVDB
– In-depth descriptions of the ramifications of findings, business effects, and risks for each of the determined exposures
– Vulnerability prioritization based on asset criticality and threat of attack
– Remediation suggestions to close determined deficiencies
– Comprehensive actions to follow while alleviating reported deficiencies
– Detection and mitigation of attacks that take advantage of unpatched systems with quarantine procedures
Far too frequently we find that the data from client’s patching systems incorrectly report that vulnerabilities are undoubtedly patched. This produces complacency that is undesirable for IT operations and security operations groups.