The Truth About Patching
by Mark Shavlik - President and CEO of Shavlik Technologies - Wednesday, 6 December 2006.
This argument is flawed on two fronts. For one, agentless systems typically use multi-threaded processes that enable them to scan multiple machines simultaneously. The real heavy lifting happens at the server, which has to examine all the gathered data.

In an agent-based scenario, if all agents are reporting in at once, you should ask whether that server can keep up. And in practice, it’s not likely that the scanning tool will be the gating factor in how quickly you can get a patch out — it’s how quickly the third-party vendor makes the patch available.

Myth No. 5: Agent-based systems offer better coverage.

This is true to the extent that agent-based systems are better-suited for machines such as laptops that are often disconnected from the network. It’s also why most agentless patch system vendors also offer an agent-based option. Yet here again, there’s a tradeoff: For every laptop user who may benefit from an agent-based approach, you might have a desktop user who turns off the desktop’s agent, or closes the port used to connect to it.

The truth is: There’s a place for both agent-based and agentless patching technologies. In an ideal world, your vendor will offer both — along with the sophisticated scanning technology that is at the heart of a quality patching solution.


Cloned, booby-trapped Dark Web sites steal bitcoins, login credentials

Apart from being a way for dissidents and journalists to do their business without being spotted and identified by "the powers that be", the Dark Web is also a place where criminals sell and buy illegal wares and services and, apparently, where they also get robbed by scammers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jul 3rd