Security 101: Cloud-native Virtual Patching

Trend Micro -

As an enterprise’s online infrastructures become more complex — from their decentralization to the adoption of cloud, mobile, and internet-of-things (IoT) technologies — patch management has become an even more time-consuming and resource-intensive task. However, delaying or deferring the application of patches can be risky. Breaches could result in millions of dollars in financial losses, not to mention the hefty fines paid to authorities.

Besides data breaches, there’s also the looming threat of ransomware and targeted campaigns abusing unpatched vulnerabilities. And as the COVID-19 pandemic forced organizations to shift to remote work, the need to patch vulnerabilities in technologies used in this setup (such as VPN) is also heightened. In 2020, the VPN flaw CVE-2019-11510 already had nearly 800,000 detections despite being a relatively new vulnerability.

Trend Micro 2021 Annual Security Roundup: Navigating New Frontiers

What makes patching a challenge for enterprises? Here are some of the challenges that organizations face when implementing a vulnerability and patch management policy:

Business continuity. While regularly installing updates is a good practice, many organizations find the patching process so slow, disruptive, and costly that some opt to postpone it (or do away with it altogether) to avoid operational downtime. Number of vulnerabilities

Read More: https://www.trendmicro.com/en_us/devops/22/f/cloud-native-virtual-patching-101.html