But navigating the sheer number of vulnerabilities and patches available is overwhelming. In 2021, the Trend Micro™ Zero Day Initiative™ publicly disclosed 1,543 vulnerabilities, and 68% of those were categorized as critical or high severity. On top of that, vendors are (rightfully) sending patches out to clients every day, further inundating companies with a growing list of vulnerabilities to address.

What does a successful patch management policy strategy look like? It starts with a risk-based approach to stay up-to-date with new vulnerabilities while preventing bottlenecks in security workflows. These top five patch management policy best practices can help organizations create a strong defense program against vulnerability exploitation.

1.

Of the 28,000 CVEs published by MITRE last year, it’s unlikely that a single organization – even the most sophisticated – would find every one applicable to their business. To cut through the noise of constant updates, security teams must identify which patches are the most relevant to their organization’s daily operations. Organizations should start by only focusing on the bugs relevant to the application systems they use in-house. From that point, security teams can work to identify which of those bugs are being actively exploited and which are part of the business’s critical infrastructure. These are the key vulnerabilities to hone in on – the ones that could pose significant harm to your organization.

The next step is to identify those applications and/or operating systems that have actively exploited vulnerabilities in-the-wild. A good resource is the CISA Known Exploited Vulnerability catalog that lists out these vulnerabilities. Also look for any vulnerabilities that have a public proof of concept (POC), which we’ve seen weaponized by malicious actors.

An important part of this stage is gaining full visibility into an organization’s entire footprint. With businesses of any size, old applications, networks, systems, devices, and servers can go undetected. This opens a range of possibilities for malicious actors to exploit vulnerabilities that organizations didn’t even know applied to them.

Eighteen zero-day exploits have already been used in the first half of 2022, and half of these zero-day exploits are variants of bugs that were previously identified. Today’s malicious actors are growing more innovative, with many now analyzing recommended patches and finding vulnerabilities within these patches themselves. Moreover, zero-day exploits are extremely lucrative for threat actors. Investigative journalist Brian Krebs recently reported that a Google Chrome zero-day exploit sold for a staggering $2M. As such, zero-day vulnerabilities will always be a matter of when, not if. Zero-days are difficult to defend against due to their very nature: they’re new vulnerabilities that can shift and evolve at any time. As a result, organizations may have an exploitable bug in their network without even knowing it.

Consistent monitoring for suspicious activity inside of networks is a must for defense against zero-day exploits. Staying up to date with bug bounty programs that leverage global threat intelligence, such as the Zero Day Initiative, is an ideal way to monitor these bugs and gain insight into public patches to fix vulnerabilities. Security leaders and decision makers can use the report Quantifying the Public Vulnerability Market: 2022 Edition by Omdia Research for more insights into leading bug bounty programs.

Today, organizations can invest in SaaS versions of applications, meaning vendors can automatically apply patches and updates to software without needing action or authorization. But patches are made by people, and people are subject to human error. Sometimes, even a good patch can temporarily take a system down. For businesses that operate on a 24/7 basis, this can incur huge opportunity costs. To prevent potential issues with automated patching, organizations should communicate with their vendors about the possibility of rollbacks to previous versions of software. Rollbacks can also be useful in situations similar to the 2021 SolarWinds breach, where new updates are rolled out but infected. Additionally, businesses should ask if these rollbacks can be done in an automated way or if they will need to roll back a real patch manually.