Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Patching

When Patch Tuesday becomes Patch Monday - Friday

If you’re an administrator running Ivanti VPN (Connect Secure and Policy Secure) appliances in your network, then the past two months have likely made you wish you weren’t. In a relatively short timeframe bad news kept piling up for Ivanti Connect Secure VPN customers, starting on Jan. 10th, 2024, when critical and high severity vulnerabilities, CVE-2024-21887 and CVE-2023-46805 respectively, were disclosed by Ivanti impacting all supported versions of the product.

Relative Maintenance Windows - Patch FAQs - Tanium Tech Talks #80

See how to automatically download and deploy patches to your own pre-defined patch rings in today's Patch FAQ, using the new relative maintenance windows feature. Set-it-and-forget-it! This is the trifecta of zero-touch patching: relative maintenance windows, relative patch lists, and on-going deployments. Combine that with dynamic computer groups via tags or randomization for the ultimate experience of patch automation for #Windows and #Linux.

Autonomous Patching in 72 Hours: Understanding SwyftComply on AppTrana WAAP

To comply with the security audit requirements of SOC 2, PCI, and others, your application audit report should have zero open vulnerabilities. Most companies perform these audits at least annually, and the audits are more frequent for highly regulated industries such as finance and healthcare. However, 31% of critical and high vulnerabilities remain open after 180 days – according to The State of Application Security.

Patching New Endpoints - Patch FAQs - Tanium Tech Talks #79

In this installment of the Tanium Patch FAQ series we learn how to automatically patch new #Windows and #Linux servers and workstations. What will you do with all the time you save? Using Tanium's Provision, Deploy, Enforce, and Patch modules you can fully automate the build of new servers and workstations: operating system, applications, policies, and patches. Customers report massive time savings with this automation.

The History of Patch Tuesday: Looking back at the first 20 years

One of the most critical aspects of cybersecurity is ensuring that all software is kept up to date with the latest patches. This is necessary to cover any vulnerabilities that cybercriminals could take advantage of in order to infiltrate an organization and launch an attack. With the volume of updates and the effort needed to install and configure them, it is good to know precisely when patches will be released.

Under the hood of CVE patching

Addressing Common Vulnerabilities and Exposures, known as CVE patching, is a practice of applying updates to software (patching) to address security vulnerabilities. CVE patching is your shield against the threat of malicious actors exploiting such weaknesses and is of crucial importance for every organization’s cybersecurity. This post will cover the basics of CVE patching: the roles and stakeholders, the step-by-step process, and common mistakes to avoid.

Keep Your Software Update Routine Strong

Software is an essential part of our online experience. Whether it’s our operating systems, web browsers, or the apps we use daily, software plays a crucial role in our lives. However, with great convenience comes a big responsibility, and one of the most essential aspects of online safety is keeping your software updated regularly. In this blog, we’ll explore the significance of keeping your software up-to-date.

ICS Environments and Patch Management: What to Do If You Can't Patch

The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Known unpatched vulnerabilities are often exploited by criminals to penetrate Industrial Control Systems (ICS) environments and disrupt critical operations.

5 Risks Of Outdated Software & Operating Systems

One of the most common ways that hackers target organizations is by exploiting vulnerabilities in outdated software. Outdated software risks can leave you open to a variety of hacks, including ransomware, malware, data breaches, and more. The fact is, failing to update your software doesn’t just mean you’re missing out on the latest version—it means you could expose your organization to major security vulnerabilities, like the widespread Apache Log4j2 vulnerability.