Patch Management
We need to implement a patch management solution for our domain. What are some ideas to best manage updates and patches that you experts have used?
ASKER
Windows OS
Adobe
Office
Adobe
Office
I would check NIST publication before buying and implementing any patch management software. According to NIST Special Publication 800-40, Revision 3
"........Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patches correct security and functionality problems in software and firmware. From a security perspective, patches are most often of interest because they are mitigating software flaw vulnerabilities; applying patches to eliminate these vulnerabilities significantly reduces the opportunities for exploitation. Patches serve other purposes than just fixing software flaws; they can also add new features to software and firmware, including security capabilities.........."
Make sure that a patch management system is in place to ensure that all relevant patches are installed. Implement patch management software that will allow you to test software updates, and then deploy them efficiently.
https://www.hsdl.org/?abstract&did=743210
https://www.hsdl.org/?view&did=743210
https://www.experts-exchange.com/articles/31793/Vulnerability-Assessments-versus-Penetration-Tests.html
https://www.peerlyst.com/posts/why-companies-don-t-patch-immediately-a-view-from-the-trenches-nathan-chung-cissp-giac-gsec-ccsk
"........Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patches correct security and functionality problems in software and firmware. From a security perspective, patches are most often of interest because they are mitigating software flaw vulnerabilities; applying patches to eliminate these vulnerabilities significantly reduces the opportunities for exploitation. Patches serve other purposes than just fixing software flaws; they can also add new features to software and firmware, including security capabilities.........."
Make sure that a patch management system is in place to ensure that all relevant patches are installed. Implement patch management software that will allow you to test software updates, and then deploy them efficiently.
https://www.hsdl.org/?abstract&did=743210
https://www.hsdl.org/?view&did=743210
https://www.experts-exchange.com/articles/31793/Vulnerability-Assessments-versus-Penetration-Tests.html
https://www.peerlyst.com/posts/why-companies-don-t-patch-immediately-a-view-from-the-trenches-nathan-chung-cissp-giac-gsec-ccsk
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks