PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
November 2004

How to patch vulnerabilities and keep them sealed

Time is the enemy of every security manager charged with patching. Despite (or perhaps because of) vendors' attempts to release patches on regular intervals, enterprises are still racing to seal holes in their infrastructures. Every extra minute a system remains unpatched is another opportunity for worms, backdoors, rooters and Trojans to infiltrate the network. The clock starts the day the vulnerability is announced and, in many organizations, never stops. We all know the basics of how to roll out patches across the enterprise, so why is success so elusive? In many enterprises, patching is a messy, time-consuming process through which security teams must lab test new code before welding it onto production machines. The most common mistake is repeating the arduous process with each deployment rather than building a process that makes deployments successively easier. Think Six Sigma: Every time you roll out a patch, look for obstacles and make adjustments that simplify the patch process for the current and subsequent cycles. ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue

  • SSO benefits: Security booster or improving end user experience?

    by  Lawrence M. Walsh

    Enterprise single sign-on all about simplicity and improving end user experience, security is just a side benefit. Learn why this is true, as well as other technologies that both reduce complexity and improve security.

  • Hot Pick: Sentivist IPS

    by  James Foster

    Learn how NFR Security's Sentivist IPS detects attacks with few false positives and automated response features that won't break mission-critical apps.

  • Spycatcher Enterprise 3.2

    by  Ryan Guzal

    Learn if Tenebril's Spycatcher Enterprise 3.2 can help those looking to win the war on spyware.