Patch management mastery: 8 essential best practices for better security

Patch management—the process businesses use to apply fixes or patches to software—sounds straightforward. But in reality, it’s a complex and high-stakes task, especially in a production environment. Complicating factors include the volume of patches, the prioritization of patches, and the choice of when to patch. Streamlining the process with patch management best practices reduces risks…

Why we’re still seeing unpatched software

Despite industry awareness that 60% of data breaches stem from unpatched software, “fix” still doesn’t get done. And how about these statistics from the 2020 Veracode software security report? Do they match your organization’s patch rates? 70% of bugs remain unpatched after 4 weeks. 55% of bugs remain unpatched three months later. 25% of high-vulnerability…

Fix the Vulnerabilities in the FireEye SolarWinds Hack

Foreign hackers have been using multiple, layered software vulnerabilities to hack into “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East,” as described in this FireEye blog post. This Vulcan Cyber blog post explains how to fix the vulnerabilities targeted by the red team tools used in the…

Ease the Patch Management Burden with Kubernetes and Docker

Only unused applications don’t receive updates. Otherwise, there are always more bugs to resolve, new requirements to address, and the latest software to integrate. Patching is the name that’s been given to the act of improving software. For example, if a bugfix is developed, a new patch on the given application is applied; if a…

Your Guide to Patching Immutable Infrastructure Kubernetes

With the ephemeral nature of containers, you might think that patching is far less critical than it really is. But in fact, as with more traditional systems, patching both the containers and the underlying management systems is just as critical as tending to any other system.

The Guide to Windows Patching

With new vulnerabilities and threats constantly making headlines, frequent patch releases are a must for operating systems. Keeping software and operating systems up to date is critical for ensuring system security.

Cloud vs. On-Prem Patching: What’s the Difference?

Patching has become particularly challenging in the new cloud and hybrid-cloud environments—especially across Windows and Linux—despite the many methods and technologies for this. What are the differences between patching in Windows and Linux, and how does this all fit into the modern cloud infrastructure? Do these new environment paradigms facilitate or complicate patch management?

A Review of the New AWS Server Patching Service

Amazon released the EC2 Run Command in 2015 as the first step to extend a bridge back to datacenter, enterprise, and traditional operations environments. Then in 2016, AWS released its patch management solution under the EC2 Systems Manager. Now, all datacenter-style management tools fall under the AWS Systems Manager.

Continuous Risk Assessment in Vulnerability Management

“If it were easy, everyone would do it.” With the never-ending headlines of major breaches caused by vulnerabilities, it’s clear that vulnerability management isn’t easy. According to the Ponemon Institute, the average total cost of a breach in 2018 ranged from 2 to 7 million dollars, depending on the number of compromised records.

Incident Remediation: A Cure Can’t be Worse Than the Disease

By now, everybody knows that vulnerabilities that aren’t remediated properly could pose a serious threat to the enterprise’s environment. The data breach experienced by Equifax last year exemplifies the impacts that can occur to a business that fails to remediate. However, we cannot ignore the other side of the coin – when remediation steps ARE…