On-Demand Webcast
Patching is only effective if it is timely and thorough. But, timely and thorough patch management remains an elusive goal.
We know about vulnerabilities and patches in general directly from vendor bulletins and from organizations like CERT and DHS. And our vulnerability scanners stridently report the specific systems missing these patches. Yet months go by and systems are still unpatched. Why is this?
In this real training for free webinar, we will explore the answers to this question and the solutions. Here’s a few of the points we’ll delve into:
- Organizationally there’s often a lack of clear lines of authority and accountability. The infosec team says “you need to install all these patches”. The server admins say “it’s on our list” or “it’s stuck with the change control board”. And there’s no arbiter.
- Lack of automation
- Lack of integration between vulnerability management, patch management, change control and ticketing systems
- Inability to identify all of the different systems that are in the environment
- Ineffective prioritization, resulting in the wrong things being worked on.
Then we’ll share insights from organizations that have overcome these problems. We will look at how they are structured. Who is accountable. How authority and responsibility flows. How stability and security priorities are balanced.
Then Justin Buchanan will show how the technology side can be addressed through automation and integration with InsightVM.
Speakers
Randy Franklin Smith
Ultimate Windows Security
Justin Buchanan
Rapid7