Security Wars : Patch Management Vs Reverse Engineering

Do we know that more than 90 percent of vulnerabilities are exploited more than a year after they have been disclosed? Or, even worse, that they are exploited months after the security patch for them has been released?

How sensible are we as an organization, or rather, I would say, as a fractured group of Security Governance and Security Management?

I raise all this because the reality is that a security patch can be reverse engineered to create an exploit for the very vulnerability it fixes. Diffing the patched binary against the unpatched one shows exactly which functions changed, and the new check that was added points an attacker straight at the bug and at the input that triggers it.

Quoting from an old Bruce Schneier blog post:

"Attackers can simply wait for a patch to be released, use these techniques, and with reasonable chance, produce a working exploit within seconds."
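The mechanism behind that quote, shown as an added example that is not from the original article: a constructed toy message parser in two versions, before and after a hypothetical bounds-check fix. Diffing the two surfaces the added check (binary diffing tools such as BinDiff or Diaphora do the same on machine code rather than source), and the smallest input that satisfies the check's rejection condition is exactly the input that triggers the original bug in the unpatched build. The parser, the buffer size, the message format and the bug are all invented for illustration; no real product or CVE is involved.

```python
"""Patch-based exploit derivation, illustrated on a constructed toy parser.

Two "builds" of the same parser are held as source strings so they can be
diffed and executed side by side. Everything here is invented for the example.
"""
import difflib
import re
import struct

BUF_SIZE = 16  # constructed: size of the fixed buffer the parser copies into

# Constructed "unpatched build": trusts the 2-byte big-endian length field.
UNPATCHED_SRC = '''
def parse(msg, buf_size):
    (length,) = struct.unpack_from(">H", msg, 0)
    payload = msg[2:2 + length]
    buf = [0] * buf_size
    for i, b in enumerate(payload):
        buf[i] = b            # models a fixed-size memory copy
    return bytes(buf[:length])
'''

# Constructed "patched build": identical apart from the added bounds check.
PATCHED_SRC = '''
def parse(msg, buf_size):
    (length,) = struct.unpack_from(">H", msg, 0)
    if length > buf_size:
        raise ValueError("length exceeds buffer")
    payload = msg[2:2 + length]
    buf = [0] * buf_size
    for i, b in enumerate(payload):
        buf[i] = b            # models a fixed-size memory copy
    return bytes(buf[:length])
'''


def load(src):
    """Turn a source-string 'build' into a callable parse() function."""
    ns = {"struct": struct}
    exec(src, ns)
    return ns["parse"]


def added_lines(old_src, new_src):
    """Lines the patch added: what a diff tool surfaces as the changed block."""
    diff = difflib.unified_diff(old_src.splitlines(), new_src.splitlines(),
                                lineterm="", n=0)
    return [l[1:] for l in diff if l.startswith("+") and not l.startswith("+++")]


def extract_check(lines):
    """Pull the boolean condition out of the first added 'if' guard."""
    for line in lines:
        m = re.match(r"\s*if (.+):\s*$", line)
        if m:
            return m.group(1)
    return None


def solve_trigger(condition, buf_size, max_len=0xFFFF):
    """Smallest length field that the new check rejects, found by brute force.
    (A real tool hands the negated path constraint to an SMT solver instead.)"""
    for length in range(max_len + 1):
        if eval(condition, {"length": length, "buf_size": buf_size}):
            return length
    return None


def build_input(length):
    """Constructed message: length header followed by that many filler bytes."""
    return struct.pack(">H", length) + b"A" * length


def derive_exploit_input(old_src, new_src, buf_size):
    """Diff the builds, lift the added check, and craft an input that violates it."""
    check = extract_check(added_lines(old_src, new_src))
    return check, build_input(solve_trigger(check, buf_size))


def demo():
    """Run the derived input against both builds and classify the outcome."""
    check, evil = derive_exploit_input(UNPATCHED_SRC, PATCHED_SRC, BUF_SIZE)
    results = {}
    for name, fn in (("unpatched", load(UNPATCHED_SRC)), ("patched", load(PATCHED_SRC))):
        try:
            fn(evil, BUF_SIZE)
            results[name] = "ok"
        except IndexError:
            results[name] = "out-of-bounds write"   # the original bug fires
        except ValueError:
            results[name] = "rejected by new check"
    return check, results


if __name__ == "__main__":
    print(demo())
```

The point for patch management is the asymmetry: the attacker needs only the diff and a few minutes, while the defender needs the change window. The brute-force solver stands in for the constraint solving that real patch-based exploit generation performs on machine-code paths.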

-------

And now let me describe a real corporate scenario that I have been part of many times ...

"Yogi, you want to patch a server. Not a problem, go to Change Management."

And my first thought: "Yogi, your server will be compromised again."

And then, what always happens to people like me: I filled in the change management form.

First comes the change management process, and it will, of course, take some weeks. The reasons are the usual ones:

1) The change form was not complete.

2) The risk assessment section was not filled in.

3) Our CAB meeting happens once a week.

4) No, you cannot raise this as an emergency change, because there is no loss of business.

5) The Change Manager was on leave on the day of the CAB meeting ... ha ha

And this just goes on and on ...

I just want to put across one point. The above is just one example of the path we in a corporate environment often take.

Now, my point is this:

We as a security community and as corporate management are a confused blend of experienced industry experts, who keep producing standards, frameworks and processes but never get a common enough platform to let all of this melt together into a single, mature and secure whole.

In all this, I do not know how many systems are getting compromised, but certainly the quality of security has been.

More articles by Yogesh Gupta

  • Business Value of Technology: More Than Just Tools!
  • IT Infrastructure challenges for digital payments
  • How to Improve Your Cloud Infrastructure
  • Cloud computing - Rush for gold
  • Moving apps to cloud : Are you ready ?
  • Securing your Cloud : Layered Defence
  • DDoS : The Bigger Story
  • Evolution of Traditional Load Balancer into Application Delivery Controllers
  • Do we understand "Advanced Persistent Threats" correctly ?