1 / 11

Expert Strategies for Effective Patch Management

Learn about proactive patch management strategies from a panel discussion led by Lawrence Walsh, executive editor of Information Security magazine. Explore topics such as security patch prioritization, testing, inventory control, standardization vs. diversity, network re-architecting, and separation of duties. Discover the importance of accurate inventory, criticality ratings, and the impact of poor inventory control. Gain insights on deploying, validating, and reporting patches, as well as the role of separation of duties in patching efforts. Understand the benefits and challenges of re-architecting networks for patch management effectiveness.

camposc
Download Presentation

Expert Strategies for Effective Patch Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Effective Patch Management Strategies A panel discussion Lawrence Walsh, executive editor Information Security magazine

  2. What is patch management? Patch management is the proactive, measured response to known vulnerability exposures and risks.

  3. Patch Management Agenda • What is a security patch? • Prioritizing Patching • Need for Testing • Inventory Control • Standardization v. Diversity • Re-architecting Networks • Separation of Duties

  4. What is a Security Patch? • Is there a difference between a security patch and a functionality patch? And should we care?

  5. Prioritizing Patching • Can you trust how vendors rate the criticality of patches? • How do you assign criticality ratings in your own environment?

  6. Need for Testing • Do we rush to patch or should we hold off and leave systems exposed while we test? • Can an enterprises effectively test patches?

  7. Inventory Control • Why keep accurate inventory? • Methods for inventory control? • Consequences for poor inventory control?

  8. Wash, Rinse, Repeat • Deploy • Validation • Reporting • No Patch Available, Machines Remain Vulnerable (Unsupported implementations)

  9. Separation of Duties • Who should lead patching efforts • Why is there a need for separation of duties

  10. Re-architecting Networks • Does re-architecting reduce the need for patching? • What are the pitfalls of re-architecting? • Is it worth the cost? • Are new chokepoint solutions effective?

  11. Thank you.Questions, comments? These panelists will not be available at the Ask-the-Experts booth in the Exhibit Hall.Please send questions to lwalsh@techtarget.com.

More Related