The process of vulnerability discovery and patching.
Managing a vulnerability through it's lifecycle from discovery to patch is a vital process. For some, this management is automated within the applications and operating systems they use. But for many businesses the risk of automated patching is too great and it must be carefully managed.
Our consultants are engaged to undertake the following on an adhoc basis, or regularly as part of a managed service.
In addition to vulnerability assessment tools, we have a research team who look for new vulnerabilities and report on them via our Cyber Radar Console
Just because a vulnerability has been detected it doesn't mean that a client is vulnerable to it, our consultants will work with the client to identify their vulnerabilities and help to triage patching if required. To do this, we review the technical details of the vulnerability to see the necessary criteria for exploitation is present.
If the vulnerability does meet the criteria for exploitation, we look at various methods to mitigate the problem:
Our consultant will work with the client to manage the situation and prioritise the patching.
Our consultants can be engaged to undertake Vulnerability Management as part of a managed service in the following ways:
Consultative. As per the the Vulnerability Management Service above, this is often undertaken as part of our vCISO service.
Security Device Management. It is critical that Security devices such as firewalls, IPS etc are patched in a timely fashion. If a critical patch is released for these devices our client will be notified, whereupon they will make a decision as to whether we patch them immediately or await your next scheduled patching cycle. The patching cycles can be scheduled to match those of the vendors, though most clients opt for monthly. The client will be notified of any patching required so that they can authorise the deployment and any downtime which might be required.
Endpoint Vulnerability Management. Our consultants will provide an agent to be deployed onto each host, these agents provide constant vulnerability assessment of their hosts, roughly every 240 minutes. This is especially important for remote and home working staff who may otherwise go for weeks or even months without being checked. The patching cycle is usually every 4 weeks, though you will be notified of any critical patches. The patches won't be deployed without your authorisation.