Security Patch Management


Purchasing Options

Hardback
$79.95
ISBN 9781439824993
Cat# K11189
eBook
ISBN 9781439825006
Cat# KE11111
 

Features

  • Ties together all aspects of patch management into an easy-to-understand format
  • Provides the support and guidance needed to integrate an effective patch management process
  • Demonstrates how patches should be implemented on devices and systems within various infrastructures
  • Describes how to distribute patches quickly and without draining essential network resources

Summary

Although the patch management process is neither exceedingly technical nor extremely complicated, it is still perceived as a complex issue that’s often left to the last minute or resolved with products that automate the task. Effective patch management is not about technology; it’s about having a formal process in place that can deploy patches to vulnerable systems quickly.

Helping you figure out exactly what to patch and which patches to use, Security Patch Management provides detailed guidance through the process of creating and implementing an effective and efficient patch management process. It uses a format that is easy to understand and applicable regardless of the operating system, network device, or patch deployment tool. The author illustrates the proper implementation of patches on devices and systems within various infrastructures to provide the insight required to:

  • Design your own patch release process and keep it action ready
  • Test the effectiveness of your patches
  • Keep up with the latest patch releases
  • Prioritize the vulnerabilities that need to be addressed
  • Apply patches quickly and without draining essential network resources

This book supplies the tools and guidelines you need to stay one step ahead of the exploits on the horizon. It will help you establish a patch management process that not only protects your organization against zero-day attacks, but also helps you become more proactive when it comes to this critical facet of information security.

Table of Contents

Introduction
How to Use This Book
Background
Getting Started
     Who Owns the Process? 
     People, Process, and Technology 
     Measuring Success 
     Next Steps
Types of Patches 
     Functionality Patches 
     Feature Patches 
     Security Patches
Product Vendor’s Responsibility

Vulnerability to Patch to Exploit
Who Exploits When, Why, and How
     The Who
     The When 
     The Why
     The How
Tracking New Patch Releases
     Resources for Information

What to Patch
Desktops
     Standard Build 
     User Awareness 
     Use of Tool
Remote Users 
     Laptops
Servers 
     Windows 
     UNIX and Linux
Network Devices

Network and Systems Management: Information Technology Infrastructure Library
Network and Systems Management
Starting with Process
ITIL 
     Service Support 
          Service Desk 
          Incident Management
          Problem Management 
          Configuration and Asset Management 
          Change Management 
          Release Management 
     Service Delivery
          Service-Level Management 
          Financial Management for IT Services 
          Performance and Capacity Management 
          IT Service Continuity Management 
          Availability Management 
     ICT Infrastructure Management 
     Security Management
Assessing and Implementing IT Operations 
     Assessing the IT Operations Capabilities 
     Designing an IT Operations Solution 
     Implementing an IT Operations Solution 
     Putting the IT Operations Solution into Action
     Outsourcing to a Service Provider

Security Management
Overview 
     Security Operations
Preparing for Security Operations 
     Gather Requirements
     Selecting the Tools
Establishing Security Operations 
     Methods of Implementation
     Roles and Responsibilities
Implementing Security Operations     
     Incorporating Security into Operational Processes 
     Process Example
Next Steps

Vulnerability Management
Definition of Vulnerability Management
Vulnerability Management Process 
     Monitor 
     Gather Data 
     Assess the Posture 
     Remediate 
     Rinse and Repeat
Establishing Vulnerability Management 
     Assess 
     Design 
     Implement 
     Review
Next Steps

Tools
Process versus Tools
Where to Use Them 
     Asset Tracking 
     Patch Deployment
How to Determine Which One Is Best 
     Price 
     Leveraging Existing Software 
     Supported Operating Systems 
     Agent-Based versus Agentless Software Products
Tools Evaluated 
     Conducting Comparisons

Testing
Common Issues with Testing 
     The Testing Process 
     Preinstall Activities 
     Patch Installation 
     Test Intended Purpose 
     Test Primary Uses 
     Test Secondary Uses 
     Testing Patch Back Out 
     Approving Deployment
Patch Ratings and How They Affect Testing
Prioritizing the Test Process 
     Externally Facing Hosts 
     Mission-Critical Hosts 
     Critical Users 
     Mobile Devices and Remote Users
     Clients of Critical Hosts 
     Standard User Systems 
     Internal Network Devices 
     Dynamic Prioritization
The Test Lab
Virtual Machines
Wrapping It Up

Process Life Cycle
Roles and Responsibilities 
     Security Committee 
     Security Group 
     Operations Group 
     Network Operations Center
Analysis Phase of Patch Management 
     Monitoring and Discovery 
     Initial Assessment Phase
     Impact Assessment Phase
Remediation Phase of Patch Management 
     Patch Course of Action 
     Patch Security Advisory 
     Testing the Patch 
     "Critical" Vulnerabilities 
     Use of a Standard Build
Updating the Operational Environment 
     Distributing the Patch 
     Implementation of Patches 
     Time Frame of Deployment 
     Exceptions to the Rule 
     Updating Remote Users
Tracking Patches 
     Patch Reporting

Putting the Process in Place
Preparing for the Process 
     Assessing Current State 
     Determine Requirements 
     Performing the Gap Analysis
Designing the Process 
     Assessing Network Devices and Systems
Implementation Phase 
     Standard Build 
     Implement the Tool 
     Piloting the Process
     Moving the Process into Production 
     Update Design Based on Implementation
Operating the Process 
     Integration into Existing Processes
     Updating Standard Builds
     Implementation of New Servers 
     Day-to-Day Tool Operations 
     Deployment of Patches
Maintain 
     Organizational Structure Changes
     Operational Changes 
     Purchase of New or Additional Tool 
     Annual Basis
Patch Management Policy

Conclusion
Challenges
Next Steps

Index

Author Bio(s)

Felicia Wetter (Nicastro) is Managing Director of the Ethical Hacking Center of Excellence (EHCOE) of BT Global Services. Felicia is responsible for managing the delivery of ethical hacking projects throughout North and South America. With a team of over 40 testers and managers, Felicia interacts with multiple types of clients on a regular basis to ensure that the penetration testing they are having performed provides them with the guidance and information they need to protect themselves from a malicious attack.

With over 12 years in the information security field, Felicia has covered almost every aspect of information security throughout her tenure, including developing and providing an organization with the policies and procedures required to maintain an appropriate security posture. Because of her experience, Felicia clearly understands the needs of an organization from both a security and an end-user perspective, and thus can provide solutions for her customers that allow them to accomplish the needs of the business and to obtain the security posture they desire.

In March 2003, Felicia authored a white paper for International Network Services (INS) titled "Security Patch Management—High-Level Overview of the Patch Management Process." Her article also was published in the November–December 2003 issue of Information Systems Security Journal. Although the importance of the process has remained the same, there have been some major accomplishments in patch management as well as the process, which are changed and expanded on in this book. Felicia earned a B.S. in management information systems from Stockton College in New Jersey. She is also trained as a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), and as a Certified Health Insurance Portability and Accountability Act Security Professional (CHSP).