Security Patch Management

1st Edition

By Felicia M. Nicastro

CRC Press

284 pages | 14 B/W Illus.

Purchasing options (prices in USD):
Paperback: ISBN 9780367382889, published 2019-07-31
Hardback: ISBN 9781439824993, published 2011-04-05
eBook (VitalSource): ISBN 9780429104466, published 2011-04-05

Although the patch management process is neither exceedingly technical nor extremely complicated, it is still perceived as a complex issue that is often left to the last minute or handed off to products that automate the task. Effective patch management is less about technology than about having a formal process in place that can get patches onto vulnerable systems quickly; tools support that process, they do not replace it.

Helping you figure out exactly what to patch and which patches to use, Security Patch Management provides detailed guidance through the process of creating and implementing an effective and efficient patch management process. It uses a format that is easy to understand and applicable regardless of the operating system, network device, or patch deployment tool. The author illustrates the proper implementation of patches on devices and systems within various infrastructures to provide the insight required to:

  • Design your own patch release process and keep it action ready
  • Test the effectiveness of your patches
  • Keep up with the latest patch releases
  • Prioritize the vulnerabilities that need to be addressed
  • Apply patches quickly and without draining essential network resources

This book supplies the tools and guidelines you need to stay one step ahead of the exploits on the horizon. It will help you establish a patch management process that shortens the window between a vendor's patch release and the appearance of an exploit for that vulnerability, and that makes you more proactive when it comes to this critical facet of information security. (No patch process can stop a true zero-day, for which no patch yet exists; what the process controls is how long a known, patchable vulnerability stays open.)
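The blurb's points (prioritize the vulnerabilities that need addressing, apply patches quickly) and the contents' "Prioritizing the Test Process" and "Time Frame of Deployment" sections describe a ranking problem. The following Python is an added worked example written for this page, not code from the book: it ranks pending patches by the asset tiers the contents list (externally facing hosts down to internal network devices) times the vendor's patch rating, promotes an item when an exploit is known to be circulating ("Dynamic Prioritization"), and turns the result into a deployment deadline and an overdue report. The numeric weights, band thresholds, SLA windows, and the host and patch inventory are all assumptions made for the example.

```python
"""Added worked example: a small patch-prioritization model (not the book's code)."""
from dataclasses import dataclass
from datetime import date, timedelta

# Asset tiers, most urgent first. The ordering mirrors the page's
# "Prioritizing the Test Process" headings; the weights are assumed.
ASSET_TIERS = [
    "externally_facing",
    "mission_critical",
    "critical_user",
    "mobile_or_remote",
    "client_of_critical_host",
    "standard_user",
    "internal_network_device",
]
TIER_WEIGHT = {t: len(ASSET_TIERS) - i for i, t in enumerate(ASSET_TIERS)}  # 7 .. 1

# Vendor patch rating -> weight (assumed values).
SEVERITY_WEIGHT = {"critical": 4, "important": 3, "moderate": 2, "low": 1}

# Priority bands, most urgent first, with assumed deployment windows in days.
BANDS = ["emergency", "high", "medium", "low"]
SLA_DAYS = {"emergency": 2, "high": 7, "medium": 30, "low": 90}


@dataclass(frozen=True)
class PendingPatch:
    host: str
    tier: str
    patch_id: str
    severity: str
    released: date
    exploit_in_wild: bool = False  # input to dynamic prioritization


@dataclass(frozen=True)
class WorkItem:
    host: str
    patch_id: str
    score: int
    band: str
    due: date


def base_score(item: PendingPatch) -> int:
    """Static priority: how exposed the host is times how bad the flaw is."""
    return TIER_WEIGHT[item.tier] * SEVERITY_WEIGHT[item.severity]


def band_for(score: int) -> str:
    """Map a static score (1..28 with the weights above) to a band; thresholds assumed."""
    if score >= 24:
        return "emergency"
    if score >= 12:
        return "high"
    if score >= 6:
        return "medium"
    return "low"


def prioritize(item: PendingPatch) -> WorkItem:
    """Schedule one pending patch.

    Dynamic prioritization: evidence that the vulnerability is being exploited
    promotes the item one band (emergency cannot be promoted further), which
    shortens its deployment window.
    """
    score = base_score(item)
    band = band_for(score)
    if item.exploit_in_wild and band != "emergency":
        band = BANDS[BANDS.index(band) - 1]
    return WorkItem(item.host, item.patch_id, score, band,
                    item.released + timedelta(days=SLA_DAYS[band]))


def build_queue(items: list[PendingPatch]) -> list[WorkItem]:
    """Ranked deployment queue: earliest deadline first, then highest score."""
    return sorted((prioritize(i) for i in items), key=lambda w: (w.due, -w.score))


def overdue(queue: list[WorkItem], today) -> list[WorkItem]:
    """Items past their deployment window: the raw input to a patch report."""
    if isinstance(today, str):
        today = date.fromisoformat(today)
    return [w for w in queue if w.due < today]


# Constructed sample inventory for the example (not real hosts or patches).
SAMPLE = [
    PendingPatch("web-01", "externally_facing", "PATCH-A", "critical", date(2024, 3, 1), True),
    PendingPatch("db-01", "mission_critical", "PATCH-B", "important", date(2024, 3, 1)),
    PendingPatch("laptop-07", "mobile_or_remote", "PATCH-C", "moderate", date(2024, 3, 1), True),
    PendingPatch("ws-22", "standard_user", "PATCH-A", "critical", date(2024, 3, 1), True),
    PendingPatch("sw-core-1", "internal_network_device", "PATCH-D", "low", date(2024, 3, 1)),
]

if __name__ == "__main__":
    queue = build_queue(SAMPLE)
    for w in queue:
        print(f"{w.due}  {w.band:9}  score={w.score:2}  {w.host:10}  {w.patch_id}")
    print("overdue on 2024-03-10:", [w.host for w in overdue(queue, "2024-03-10")])
```

With the sample inventory the externally facing web host carrying a critical, actively exploited patch lands in the emergency band with a two-day window, the two exploited-but-lower-tier items are promoted from medium to high, and the low-rated switch patch sits at the back of the queue with a 90-day window. The same structure extends naturally to the contents' "Exceptions to the Rule": an exception would be a record that suspends or extends `due` for one work item, with its own expiry, so that the overdue report still surfaces it when the exception lapses.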

Table of Contents

How to Use This Book

Getting Started

Who Owns the Process?

People, Process, and Technology

Measuring Success

Next Steps

Types of Patches

Functionality Patches

Feature Patches

Security Patches

Product Vendor’s Responsibility

Vulnerability to Patch to Exploit

Who Exploits When, Why, and How

The Who

The When

The Why

The How

Tracking New Patch Releases

Resources for Information

What to Patch

Standard Build

User Awareness

Use of Tool

Remote Users

UNIX and Linux

Network Devices

Network and Systems Management: Information Technology Infrastructure Library

Network and Systems Management

Starting with Process

Service Support

Service Desk

Incident Management

Problem Management

Configuration and Asset Management

Change Management

Release Management

Service Delivery

Service-Level Management

Financial Management for IT Services

Performance and Capacity Management

IT Service Continuity Management

Availability Management

ICT Infrastructure Management

Security Management

Assessing and Implementing IT Operations

Assessing the IT Operations Capabilities

Designing an IT Operations Solution

Implementing an IT Operations Solution

Putting the IT Operations Solution into Action

Outsourcing to a Service Provider

Security Management

Security Operations

Preparing for Security Operations

Gather Requirements

Selecting the Tools

Establishing Security Operations

Methods of Implementation

Roles and Responsibilities

Implementing Security Operations

Incorporating Security into Operational Processes

Process Example

Next Steps

Vulnerability Management

Definition of Vulnerability Management

Vulnerability Management Process

Gather Data

Assess the Posture

Rinse and Repeat

Establishing Vulnerability Management

Next Steps

Process versus Tools

Where to Use Them

Asset Tracking

Patch Deployment

How to Determine Which One Is Best

Leveraging Existing Software

Supported Operating Systems

Agent-Based versus Agentless Software Products

Tools Evaluated

Conducting Comparisons

Common Issues with Testing

The Testing Process

Preinstall Activities

Patch Installation

Test Intended Purpose

Test Primary Uses

Test Secondary Uses

Testing Patch Back Out

Approving Deployment

Patch Ratings and How They Affect Testing

Prioritizing the Test Process

Externally Facing Hosts

Mission-Critical Hosts

Critical Users

Mobile Devices and Remote Users

Clients of Critical Hosts

Standard User Systems

Internal Network Devices

Dynamic Prioritization

The Test Lab

Virtual Machines

Wrapping It Up

Process Life Cycle

Roles and Responsibilities

Security Committee

Security Group

Operations Group

Network Operations Center

Analysis Phase of Patch Management

Monitoring and Discovery

Initial Assessment Phase

Impact Assessment Phase

Remediation Phase of Patch Management

Patch Course of Action

Patch Security Advisory

Testing the Patch

"Critical" Vulnerabilities

Use of a Standard Build

Updating the Operational Environment

Distributing the Patch

Implementation of Patches

Time Frame of Deployment

Exceptions to the Rule

Updating Remote Users

Tracking Patches

Patch Reporting

Putting the Process in Place

Preparing for the Process

Assessing Current State

Determine Requirements

Performing the Gap Analysis

Designing the Process

Assessing Network Devices and Systems

Implementation Phase

Standard Build

Implement the Tool

Piloting the Process

Moving the Process into Production

Update Design Based on Implementation

Operating the Process

Integration into Existing Processes

Updating Standard Builds

Implementation of New Servers

Day-to-Day Tool Operations

Deployment of Patches

Organizational Structure Changes

Operational Changes

Purchase of New or Additional Tool

Annual Basis

Patch Management Policy

Next Steps

About the Author

Felicia Wetter (Nicastro) is Managing Director of the Ethical Hacking Center of Excellence (EHCOE) of BT Global Services, where she is responsible for managing the delivery of ethical hacking projects throughout North and South America. Leading a team of over 40 testers and managers, Felicia works regularly with many types of clients to ensure that the penetration testing they commission gives them the guidance and information they need to protect themselves from a malicious attack.

With over 12 years in the information security field, Felicia has covered almost every aspect of information security, including developing the policies and procedures an organization needs to maintain an appropriate security posture. That experience gives her a clear understanding of an organization's needs from both a security and an end-user perspective, so she can provide solutions that meet the needs of the business while achieving the security posture her customers want.

In March 2003, Felicia authored a white paper for International Network Services (INS) titled "Security Patch Management—High-Level Overview of the Patch Management Process." The article was also published in the November–December 2003 issue of Information Systems Security Journal. Although the importance of the process has not changed since then, there have been major developments in patch management tools and in the process itself, and this book updates and expands on that earlier work accordingly. Felicia earned a B.S. in management information systems from Stockton College in New Jersey. She also holds the Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified HIPAA Security Professional (CHSP) certifications.

Subject Categories

BISAC Subject Codes/Headings:
BUSINESS & ECONOMICS / Production & Operations Management
COMPUTERS / Information Technology
COMPUTERS / Security / General