Dec 23, 2019
So you’re at that warm, fuzzy place CISOs and IT professionals know all too well: there are countless vulnerabilities your organization is “theoretically” exposed to, and you’d like to start patching them immediately to increase security, but you’re also concerned about patches and new version releases breaking users’ functionality.
Scenario 1: Let’s assume the organization’s HR department is using staffing software that is not running at its most recent version. Why? Because you tried to upgrade it in the past, but that screwed up the printer interface or made the software stop talking to the organization’s time clock.
Scenario 2: The accounting department’s invoicing software has a new CVE, but it’s payroll week and the Controller says that if you patch, he will likely not make payroll on time.
Once you’ve decided to pull the trigger and patch, it seems as if the process is far from over...
Did last week's patching cycle go smoothly?
Need to run multiple VA scans to confirm?
It’s pretty much off to the races with confirming new software versioning, making sure nothing is broken, providing helpdesk support to existing users in case software has changed, and more…
What if you need to roll back a certain patch across hundreds or thousands of endpoints?
At the end of the day, it’s like chasing your own tail.
As a CISO or cybersecurity professional, you’re expected to let everyone have their cake and eat it too -- management and operations teams expect their digital landscape and business software to stay available without interruption and without compromising user comfort and global access. However, you’re aware that if a serious breach takes place due to faulty security practices or vulnerable software, the blame will fall solely on you. It's up to you to keep a strong cyber posture and hygiene.
What if there was a solution out there to let you do it all -- keep the organization’s network fully secured while complying with priorities for uninterrupted software continuity? Vicarius’ Topia two-step approach to software patches includes: