Extreme Exploits: Advanced Defenses Against Hardcore Hacks (Hacking Exposed)
| | ||
| | ||
| | ||
| Step | Description |
|---|---|
| Obtain a source for vulnerability and patch information. | This may be accomplished by gathering freely available public information, or more optimally, subscribing to a commercial intelligence service. |
| Develop a mechanism to prioritize vulnerabilities. | This should be combined with a parallel capability incorporating (1) asset discovery, (2) vulnerability discovery, and/or (3) patch discovery. |
| Develop a deployment policy. | Develop a policy around the scheduling of both expected and unexpected security patches. |
| Procure deployment technologies. | Deploy the appropriate technology to facilitate the actual patch installation across your enterprise. |
Recommended Reading
-
https ://www.first.org/cvss/
-
http://www.microsoft.com/technet/security/tools/mbsahome.mspx
-
http://www.microsoft.com/windowsserversystem/updateservices/evaluation/overview.mspx
| | ||
| | ||
| | ||