{"id":681,"date":"2021-07-12T11:15:55","date_gmt":"2021-07-12T05:45:55","guid":{"rendered":"https:\/\/kayimpex.wordpress.com\/?p=681"},"modified":"2021-07-12T11:15:55","modified_gmt":"2021-07-12T05:45:55","slug":"patch-management","status":"publish","type":"post","link":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/","title":{"rendered":"Patch Management"},"content":{"rendered":"\n
\"\"<\/figure><\/div>\n\n\n\n

Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patches correct security and functionality problems in software and firmware. From a security perspective, patches are most often of interest because they are mitigating software flaw vulnerabilities; applying patches to eliminate these vulnerabilities significantly reduces the opportunities for exploitation. Also, patches are usually the most effective way to mitigate software flaw vulnerabilities, and are often the only fully effective solution. <\/p>\n\n\n\n\n\n\n\n

Patch Management is mostly done by software companies as part of their internal efforts to fix problems with the different versions of software programs and also to help analyze existing software programs and detect any potential lack of security features or other upgrades.<\/p>\n\n\n\n


Patches serve other purposes than just fixing software flaws; they can also add new features to software and firmware, including security capabilities. New features can also be added through upgrades, which bring software or firmware to a newer version in a much broader change than just applying a patch. Vendors often stop supporting older versions of their products, which includes no longer releasing patches to address new vulnerabilities, thus making older unsupported versions less unusable over time. Upgrades are then necessary to get such products to a supported version that is patch<\/p>\n\n\n\n


Factors affecting organisation patch management<\/span><\/strong><\/p>\n\n\n\n


Components and Architecture
<\/strong>Enterprise patch management technologies are similar architecturally to other enterprise security solutions: one or more centralized servers that provide management and reporting, and one or more consoles. What distinguishes enterprise patch management technologies from each other architecturally are the techniques they use to identify missing patches. The three techniques are agent-based, agentless scanning, and passive network monitoring. Many products support only one of these techniques, while other products support more than one.<\/p>\n\n\n\n

Organisational factors
<\/strong>A number of organisational factors come into play when considering IT security solutions including the size of the organisation, distribution of its assets, current infrastructure and applications used, industry and compliance requirements, internal IT department skill-set etc
Management Capabilities
Once a patch management technology has been selected, its administrators should design a solution architecture, perform testing, deploy and secure the solution, and maintain its operations and security. This section highlights issues of particular interest with administration\u2014implementation, operation, and maintenance\u2014of patch management technologies, and provides recommendations for performing them effectively and efficiently.<\/p>\n\n\n\n


Usability and Availability
<\/strong>Organisations should balance their security needs with their needs for usability and availability. For example, installing a patch may \u201cbreak\u201d other applications; this can best be addressed by testing patches before deployment. Another example is that forcing application restarts, OS reboots, and other host (computers\/mobiles\/servers or any other IP connected asset) state changes is disruptive and could cause loss of data or services. Again, organizations need to balance the need to get patches applied with the need to support operations.<\/p>\n\n\n\n


Other Capabilities
<\/strong>Many host-based products that have patch management capabilities also provide a variety of other security capabilities, such as antivirus software, configuration management, and vulnerability scanning.Patch management technologies typically have capabilities for identifying which software and versions of software are installed on each host, or alternately, just identifying vulnerable versions of software that are installed. In addition, some products have features for installing new versions of software, installing or uninstalling software features, and uninstalling software.<\/p>\n\n\n\n


Key questions organisation must check ask when evaluating effectiveness of their current patch management system
 How often are hosts checked for missing updates?
\u2022 How often are asset inventories for host applications updated?
\u2022 What is the minimum\/average\/maximum time to apply patches to X% of hosts?
\u2022 What percentage of the organization\u2019s desktops and laptops are patched within X days of patch release? Y days? Z days? (where X, Y, and Z are different values, such as 10, 20, and 30)
\u2022 On average, what percentage of hosts are fully patched at any given time? Percentage of high impact hosts? Moderate impact? Low impact?
\u2022 What percentage of patches are applied fully automatically, versus partially automatically, versus manually?<\/p>\n\n\n\n

\"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"

Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patches correct security and […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[5],"tags":[],"class_list":["post-681","post","type-post","status-publish","format-standard","hentry","category-computing"],"aioseo_notices":[],"yoast_head":"\nPatch Management -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch Management -\" \/>\n<meta property=\"og:description\" content=\"Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patches correct security and […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/kayimpex\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-12T05:45:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kayimpex.files.wordpress.com\/2021\/07\/patch-management-1024x756_0.png?w=1024\" \/>\n<meta name=\"author\" content=\"Sabrinath Vasu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@kay_impex\" \/>\n<meta name=\"twitter:site\" content=\"@kay_impex\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sabrinath Vasu\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/\"},\"author\":{\"name\":\"Sabrinath Vasu\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#\/schema\/person\/4d7f5e81c585cfb220f5d5e83e009432\"},\"headline\":\"Patch Management\",\"datePublished\":\"2021-07-12T05:45:55+00:00\",\"dateModified\":\"2021-07-12T05:45:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/\"},\"wordCount\":662,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#organization\"},\"articleSection\":[\"computing\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/\",\"url\":\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/\",\"name\":\"Patch Management -\",\"isPartOf\":{\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#website\"},\"datePublished\":\"2021-07-12T05:45:55+00:00\",\"dateModified\":\"2021-07-12T05:45:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.kayimpex.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch Management\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#website\",\"url\":\"https:\/\/www.kayimpex.com\/blog\/\",\"name\":\"kayimpex.com\",\"description\":\"Understanding Cyber Security Trends in 2024\",\"publisher\":{\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.kayimpex.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#organization\",\"name\":\"Kay Impex\",\"url\":\"https:\/\/www.kayimpex.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.kayimpex.com\/blog\/wp-content\/uploads\/2024\/09\/PastedGraphic-4-1.png\",\"contentUrl\":\"https:\/\/www.kayimpex.com\/blog\/wp-content\/uploads\/2024\/09\/PastedGraphic-4-1.png\",\"width\":153,\"height\":91,\"caption\":\"Kay Impex\"},\"image\":{\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/kayimpex\/\",\"https:\/\/twitter.com\/kay_impex\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#\/schema\/person\/4d7f5e81c585cfb220f5d5e83e009432\",\"name\":\"Sabrinath Vasu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.kayimpex.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/995f426423f9a20d9cca229ca7670145?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/995f426423f9a20d9cca229ca7670145?s=96&d=mm&r=g\",\"caption\":\"Sabrinath Vasu\"},\"sameAs\":[\"https:\/\/www.kayimpex.com\/blog\"],\"url\":\"https:\/\/www.kayimpex.com\/blog\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Patch Management -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/","og_locale":"en_US","og_type":"article","og_title":"Patch Management -","og_description":"Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. Patches correct security and […]","og_url":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/","article_publisher":"https:\/\/www.facebook.com\/kayimpex\/","article_published_time":"2021-07-12T05:45:55+00:00","og_image":[{"url":"https:\/\/kayimpex.files.wordpress.com\/2021\/07\/patch-management-1024x756_0.png?w=1024"}],"author":"Sabrinath Vasu","twitter_card":"summary_large_image","twitter_creator":"@kay_impex","twitter_site":"@kay_impex","twitter_misc":{"Written by":"Sabrinath Vasu","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#article","isPartOf":{"@id":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/"},"author":{"name":"Sabrinath Vasu","@id":"https:\/\/www.kayimpex.com\/blog\/#\/schema\/person\/4d7f5e81c585cfb220f5d5e83e009432"},"headline":"Patch Management","datePublished":"2021-07-12T05:45:55+00:00","dateModified":"2021-07-12T05:45:55+00:00","mainEntityOfPage":{"@id":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/"},"wordCount":662,"commentCount":0,"publisher":{"@id":"https:\/\/www.kayimpex.com\/blog\/#organization"},"articleSection":["computing"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/","url":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/","name":"Patch Management -","isPartOf":{"@id":"https:\/\/www.kayimpex.com\/blog\/#website"},"datePublished":"2021-07-12T05:45:55+00:00","dateModified":"2021-07-12T05:45:55+00:00","breadcrumb":{"@id":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.kayimpex.com\/blog\/2021\/07\/12\/patch-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.kayimpex.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Patch Management"}]},{"@type":"WebSite","@id":"https:\/\/www.kayimpex.com\/blog\/#website","url":"https:\/\/www.kayimpex.com\/blog\/","name":"kayimpex.com","description":"Understanding Cyber Security Trends in 2024","publisher":{"@id":"https:\/\/www.kayimpex.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.kayimpex.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.kayimpex.com\/blog\/#organization","name":"Kay Impex","url":"https:\/\/www.kayimpex.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kayimpex.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.kayimpex.com\/blog\/wp-content\/uploads\/2024\/09\/PastedGraphic-4-1.png","contentUrl":"https:\/\/www.kayimpex.com\/blog\/wp-content\/uploads\/2024\/09\/PastedGraphic-4-1.png","width":153,"height":91,"caption":"Kay Impex"},"image":{"@id":"https:\/\/www.kayimpex.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/kayimpex\/","https:\/\/twitter.com\/kay_impex"]},{"@type":"Person","@id":"https:\/\/www.kayimpex.com\/blog\/#\/schema\/person\/4d7f5e81c585cfb220f5d5e83e009432","name":"Sabrinath Vasu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.kayimpex.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/995f426423f9a20d9cca229ca7670145?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/995f426423f9a20d9cca229ca7670145?s=96&d=mm&r=g","caption":"Sabrinath Vasu"},"sameAs":["https:\/\/www.kayimpex.com\/blog"],"url":"https:\/\/www.kayimpex.com\/blog\/author\/admin\/"}]}},"featured_media_src_url":null,"_links":{"self":[{"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/posts\/681"}],"collection":[{"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/comments?post=681"}],"version-history":[{"count":0,"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/posts\/681\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/media?parent=681"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/categories?post=681"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kayimpex.com\/blog\/wp-json\/wp\/v2\/tags?post=681"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}