In this five part blog post we’re discussing what gets in the way of businesses when it comes to better patch management. If you missed part one, which talks about the scale of the application vulnerability problem, read it here.
It’s easy to assume that the barriers to good patch management are technical. That limited resources come into play and organisations simply don’t know how to tackle this rapidly growing problem.
However, in some cases, companies feel that they are already protected by their existing security systems.
We’ve all invested in sophisticated ‘next-generation’ firewalls and anti-virus platforms that have defended against a wide range of threats. However, today, the nature of the threat has changed – and our defences must change in the same way.
Firewalls and anti-virus systems provide blanket coverage in two key areas – controlling the flow of traffic into and out of the network, and blocking the execution of malicious code on an endpoint. They are both essential security technologies that do an excellent job of keeping infrastructures safe in those two areas.
But that’s the point. With the proliferation of firewalls and anti-virus software, attackers have been forced to change the way they work. Known malware is caught before it can be executed. Penetration attacks fail to penetrate. And so a different course of action is required.
That is the exploitation of application vulnerabilities, using seemingly innocent network ports and functional, trusted applications to gain varying degrees of system access.
Most businesses are defending themselves in key areas, but missing the last line of defence – the part of the security stack that secures software that is already in your infrastructure.
Businesses have invested in the right technology to scan for known viruses and monitor and filter traffic into and out of the network. You wouldn’t manually check every application against a list of viruses, and you certainly wouldn’t take hands-on control over your network traffic.
So why is it any different with application vulnerabilities?