How to Prioritize and Apply Patches

Every IT environment and cybersecurity strategy has vulnerabilities. To avoid damage or loss, organizations need to find and eliminate those vulnerabilities before attackers can exploit them.

Some of those vulnerabilities will be found and fixed by vendors, who will provide patches and updates for their products.

Other vulnerabilities cannot be patched. These require coordination between IT, cybersecurity, and app developers to protect the exposed systems with additional resources that mitigate, or reduce, the risk of exploitation.

Regular and efficient execution of the following vulnerability and patch management stages can provide strong protection for organizations of all sizes:

How to Find Vulnerabilities

Some vulnerabilities will be announced; others need to be found through testing. Either way, every IT and cybersecurity team should designate specific people and processes to focus on detecting and managing vulnerabilities.

The first priority is to collect the publicly announced vulnerabilities. Vendors will announce vulnerabilities and usually release patches or mitigations for them at the same time.

Vulnerability detection teams need to monitor news feeds and vendor websites so they can act promptly, because attackers move quickly. Mandiant’s research determined that:

  • 42% of exploits occurred after a patch was issued
  • 12% of exploits occurred within the week after the patch availability date
  • 15% of exploits occurred within the month after the patch became available, but after the first week

Of course, these will not be the only vulnerabilities that exist in the IT environment. Outdated or unpatched software is just one of the top seven types of vulnerabilities noted by CrowdStrike; the others are: