Anyone has a sample table (which I need to submit in monthly
ppt slide) for covering patching metrics?
I plan to have a column for virtual patches (as we use NIDS &
endpoint IPS) included, so columns like the following:
a) date vulnerability published by product principal
b) date virtual patch is released, tested in our UAT &
implemented in Prod (which I'll indicate as 'NA'
if not available
c) date actual principal product (ie Oracle, , RHEL, Fwall
vendor) release their patches & date scheduled to
test in UAT & date to deploy in Prod
Any other information/columns that I miss?
In particular I have the following products to cover:
a) Solaris OS 10
b) Weblogic middleware 184.108.40.206
e) Oracle DB
f) RHEL 6