Patch management best practices have always dictated rigorous testing of patches prior to their installation on key IT assets and mission-critical business processes. But this advice is being contradicted when it comes to urgent patches for mitigating zero-day exploits. Gartner Inc.'s John Pescatore wrote that in the future, it will be more important to implement patches quickly than to thoroughly test them.

Some enterprises are adopting a "patch now, fix later" approach when it comes to zero-day vulnerabilities, but is this the best approach for a modern enterprise patch management process? Is testing going by the wayside? That's what we'll discuss in this tip.

The danger of this fast-patch approach is that if your organization installs an untested patch and it breaks a mission-critical application, the remediation effort has potentially caused more disruption to the business than the attack it was meant to prevent.
patches quickly than to thoroughly test them. However, for others, the time taken to test and discover potential conflicts with existing configurations and ensure a predictable rollout is still worth the risk of running an exposed system. In such cases, a virtual test lab is essential. This way, virtual patches can be created and tools like Metasploit can be used to ascertain the real risk so more thorough testing can be undertaken without the system being left exposed.

Ultimately, there's certainly no one-size-fits-all patch management process. A lot depends on the criticality of individual systems and the resources available within the IT department to handle day-to-day maintenance.

About the author: Michael Cobb, CISSP-ISSAP, is a renowned security author with more than 15 years of experience in the IT industry. He is the founder and managing director of Cobweb Applications, a consultancy that provides data security services delivering ISO 27001 solutions. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Cobb serves as SearchSecurity.com's contributing expert for application and platform security topics, and has been a featured guest instructor for several of SearchSecurity.com's Security School lessons.

This was first published in October 2011.