Virtual patching: Your Guide to Hardening Defenses

“Make do and mend.” If you work in IT security, this slogan, from a pamphlet issued by the British government in 1943, probably resonates. In security, constant mending, i.e. patching, is a fact of life. So what is virtual patching and why would you need it?

Vulnerability management has been critical since cybersecurity year zero. But the struggle to find vulnerabilities and deploy patches to fix them has become much more complicated. It can be almost impossible for organizations that rely on legacy systems or vast numbers of endpoints to keep on top of critical vulnerabilities. CVE-2017-0199 (patched in 2017) is still one of the most exploited vulnerabilities today.

Virtual patching doesn’t get rid of the need to patch bugs. What it does is protect out-of-patch applications from exploits, giving organizations more time to get applications up to date. For most companies that find patching difficult or, in some cases, impossible, virtual patching can be a security lifeline. 

What Exactly is a Virtual Patch?

Virtual patching is a vendor-supplied stop-gap measure for reducing exploit risk. Thousands of firms use it to keep applications with known vulnerabilities safe until they can be fully patched. Technically speaking, virtual patching works by mitigating

Read More: https://blog.morphisec.com/virtual-patching