.

Patch Management Strategy

<<

l33t5h@rk

Post Wed Oct 05, 2011 10:13 pm

Patch Management Strategy

SANS ISC put up an article about a month ago I've been meaning to discuss. It questions the current paradigm of patch management in today's world and its surplus of updates. Has anyone seen a general change in the strategy of patch management at their organizations?

Link to article here:
http://isc.sans.edu/diary.html?storyid=11527&rss
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Oct 05, 2011 10:59 pm

Re: Patch Management Strategy

The biggest change I've seen is that critical testing has only held true on mission critical boxes. We basically push out updates quickly to the users, including all third party apps. Still use a small test group but the vetting process is much less extensive than it used to be. I totally agree with the article that its probably riskier to wait to patch than to risk blowing up their PCs. It just doesn't seem to happen that often anymore.

However, in very large organizations this strategy could be dangerous. If you blew up 20K PCs with one update, you'd probably have a bigger problem on your hands!
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Thu Oct 06, 2011 8:01 am

Re: Patch Management Strategy

From what i've seen, patch management defiantly doesn't follow the official party path of testing and release. From what i've seen, patch management means ineffective software solutions, and no enforcement of policies.  8)
sectestanalysis.blogspot.com/‎
<<

l33t5h@rk

Post Thu Oct 06, 2011 8:27 pm

Re: Patch Management Strategy

Thanks for the replies. I am starting to make a push for more frequent updates in our non-production regions but sticking with the regular schedule (monthly) in production.

Return to Other

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software