by Colm Murphy - Technical Director at Espion - Thursday, 24 May 2007.
Fixing security problems is the end result of vulnerability management. Traditional manual processes for applying patches and other remediation are slow and expensive. Sometimes the high cost of patching, coupled with the high volume of patches released by vendors, encourages organisations to delay remediation. Organisations may delay updates – even for critical patches – until multiple patches or service packs are available, or until the arrival of a regular monthly, quarterly or annual update process. Unfortunately, delay can be a fatal strategy, so it’s important to remediate vulnerabilities as quickly as possible. Automated patch management and software distribution solutions can help speed this process and keep costs to a minimum. After applying a patch or completing a remediation process, organisations should rescan IP-connected assets to ensure that the fix worked and that it has not caused other network devices, services or applications to malfunction. Verifying fixes against the resulting scan reports provides documentation for compliance with the security provisions of laws and regulations such as PCI and Sarbanes-Oxley.
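The rescan check described above can be automated by comparing the scan taken before remediation with the one taken after it. The following is an added example, not code from the original article: the tuple format, the function names and the `VULN-*` identifiers are assumptions made for illustration, and the scan data is constructed.

```python
# Constructed sample scan results (not real scanner output). Each finding is
# (host, port, vuln_id); vuln_id is None when the service is open and clean.
BEFORE = [
    ("10.0.0.5", 443, "VULN-A"), ("10.0.0.5", 22, None),
    ("10.0.0.7", 80, "VULN-B"), ("10.0.0.7", 3306, None),
    ("10.0.0.9", 25, "VULN-C"),
]
AFTER = [
    ("10.0.0.5", 443, None), ("10.0.0.5", 22, None),
    ("10.0.0.7", 80, "VULN-B"),
    ("10.0.0.9", 25, "VULN-D"),
]

def index(scan):
    """Map (host, port) -> set of vulnerability ids (empty set = open, clean)."""
    services = {}
    for host, port, vuln in scan:
        vulns = services.setdefault((host, port), set())
        if vuln is not None:
            vulns.add(vuln)
    return services

def verify_remediation(before, after):
    """Classify each pre-patch finding using the post-patch rescan."""
    pre, post = index(before), index(after)
    report = {"fixed": [], "still_vulnerable": [],
              "new_findings": [], "service_missing": []}
    for svc, vulns in sorted(pre.items()):
        if svc not in post:
            # The service answered before the patch but not after. Its findings
            # cannot be counted as fixed, and the patch may have broken it.
            report["service_missing"].append(svc)
            continue
        for vuln in sorted(vulns):
            key = "still_vulnerable" if vuln in post[svc] else "fixed"
            report[key].append(svc + (vuln,))
    for svc, vulns in sorted(post.items()):
        # Anything present only in the rescan was introduced or newly exposed.
        for vuln in sorted(vulns - pre.get(svc, set())):
            report["new_findings"].append(svc + (vuln,))
    return report

if __name__ == "__main__":
    for category, items in verify_remediation(BEFORE, AFTER).items():
        print(f"{category}: {items}")
```

A finding counts as fixed only when its service still responds in the rescan; a service that has disappeared is reported separately so it can be checked for a patch-induced outage.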
The bottom line is that Vulnerability Management is a valuable pro-active tool in your protection arsenal. It is only by taking pro-active steps, and ultimately getting there before it is too late, that you can confidently thwart the determined efforts of the few bully-boy attackers who relentlessly flood our networks with their malicious payloads.