Get a glimpse inside the e-book "The complete patch management book" by Anne Stanton, president of Norwich Group, and Susan Bradley, Microsoft Small Business Server MVP. This series of book excerpts will help you navigate Chapter 1, "What is patch management?," courtesy of Ecora. Click for the complete book excerpt series.
The road ahead
In the coming sections we will discuss patch methodologies, risk management as applied to patching, and development of a patch team. We will analyze a security bulletin to find resources to determine if exploit code is already on the Internet and thus having an impact on a patch timing decision. We will discuss ways to set up a lab environment for testing patches and the procedures that you should review when ensuring that the security updates perform as expected. We will point to resources for proof of concept code or other techniques you can use to confirm patch status. We will discuss ways of enforcing patch management policy. We will discuss cases where you cannot patch because of vendor limitations or the lack of a patch, and what mitigation information and resources you can look for. While we focus primarily on Microsoft technologies, we will be vendor neutral in the use and recommendation of patching tools and give you resources to assist you in making your choice.
Whatever technology or process you use to manage patches, both the application and the reporting are key elements in ensuring that systems remain safe and secure. Ensuring that the patch or mediation technique performs as expected is central to any patch strategy.
Return to the full book excerpt series.
Click for book details or get more information from Ecora.