PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
March 2003

Six steps for security patch management best practices

January's SQL Slammer worm reminded us of the importance of patching vulnerabilities in computer software. Most successful computer attacks exploit well-known vulnerabilities, for which patches exist. The problem is that hundreds of patches are released each month, many of which apply to OSes and applications residing in your organization's network. How do you know which patches to install, and which to ignore? And what's the proper order and process for installing them? Patch management is a complex process, and I can't cover all the variables here. But I can distill the process into six general steps. The importance of each stage of the patch process--and the amount of time and resources you should spend on it--will depend on your organization's infrastructure, requirements and overall security posture. Step 1: Develop an up-to-date inventory of all production systems, including OS types (and versions), IP addresses, physical location, custodian and function. Commercial tools ranging from general network scanners to automated ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue