HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 45 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow Patch Management Strategy
EH-Net
May 20, 2013, 09:54:23 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Patch Management Strategy  (Read 1826 times)
0 Members and 1 Guest are viewing this topic.
l33t5h@rk
Guest
« on: October 05, 2011, 10:13:51 PM »
SANS ISC put up an article about a month ago I've been meaning to discuss. It questions the current paradigm of patch management in today's world and its surplus of updates. Has anyone seen a general change in the strategy of patch management at their organizations?

Link to article here:
http://isc.sans.edu/diary.html?storyid=11527&rss
Logged
cd1zz
Hero Member
*****
Offline Offline

Posts: 561


View Profile WWW
« Reply #1 on: October 05, 2011, 10:59:57 PM »
The biggest change I've seen is that critical testing has only held true on mission critical boxes. We basically push out updates quickly to the users, including all third party apps. Still use a small test group but the vetting process is much less extensive than it used to be. I totally agree with the article that its probably riskier to wait to patch than to risk blowing up their PCs. It just doesn't seem to happen that often anymore.

However, in very large organizations this strategy could be dangerous. If you blew up 20K PCs with one update, you'd probably have a bigger problem on your hands!
Logged
OSCE | OSCP | GXPN | OSWP | CISSP
http://www.pwnag3.com
http://www.networkadminsecrets.com
SephStorm
Hero Member
*****
Offline Offline

Posts: 530


View Profile WWW
« Reply #2 on: October 06, 2011, 08:01:38 AM »
From what i've seen, patch management defiantly doesn't follow the official party path of testing and release. From what i've seen, patch management means ineffective software solutions, and no enforcement of policies.  Cool
Logged
Support my hactivities.
http://www.cafepress.com/TRUEHacker
l33t5h@rk
Guest
« Reply #3 on: October 06, 2011, 08:27:53 PM »
Thanks for the replies. I am starting to make a push for more frequent updates in our non-production regions but sticking with the regular schedule (monthly) in production.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.076 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.