SlideShare a Scribd company logo

Centralized Patch Management - Proven Security Approach for Ransomware Protection

Quick Heal Technologies Ltd.
Quick Heal Technologies Ltd.

Patch, patch and patch ! This has been the go-to mantra of security professionals and the recent WannaCry ransomware attack has highlighted its importance once again. Seqrite EPS with Centralized Patch Management - Proven Security Approach for Ransomware Protection

Technology
1 of 18
Download to read offline
www.Seqrite.com Centralized patch management solution for all Microsoft application vulnerability patching needs. Seqrite Endpoint Security. Patch Management : Overview Technical Training Department Quick Heal Technologies Ltd. 1
www.Seqrite.com Contents • What is Patch Management • Why patching plays an important role in every organization’s security? • Examples of incidents in which software vulnerabilities have been an enabler of security breaches • How does Seqrite help? • What can you do with SEPS Patch Management? • Patch Management Reports • Key Benefits of Patch Management 2
www.Seqrite.com What is Patch Management 3 Patch Patch Management A Patch is piece of software designed to update computer applications, programs to fix security vulnerabilities and other bugs in order to improve the usability or performance. Patch management is the process of using a strategy and plan of what patches should be applied to which systems at a specified time.
www.Seqrite.com Why Patching Plays a Crucial Role in Every Organization’s Security? 4
www.Seqrite.com 5 “Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks...” Gartner, Predictions for IT Security Directors in 2007
www.Seqrite.com 6 As per data published by CVE Details, in 2016 the most vulnerable Windows applications were Adobe Flash Player, Adobe Reader, Adobe Acrobat, VLC media player, Oracle JRE(Java) and web browsers such as Firefox, IE etc. Important Stats
www.Seqrite.com 7 Important Stats
www.Seqrite.com MYTH REALITY We’re protected since we already have a firewall and an Intrusion Detection System. Despite all the attention that firewalls, anti-virus applications and Intrusion Detection System (IDS) receive, security vulnerabilities still plague organizations. Why patching plays an important role in every organization’s security? Our Company isn’t a target for attacks • If you look at recent events you will see, Ransomware like WannaCry and Troldesh attacked enterprises and systems at random, based on specific vulnerabilities. • On the other hand, it is not just large enterprises that need to be concerned about targeted attacks. • Any organization can become the target of a disgruntled employee, customer or contractor. So, it is important to move beyond the “it can’t happen to me” feeling of security.
www.Seqrite.com 9 • Here they release software/ Operating System attackers & hackers out there looking for loopholes and vulnerabilities that will let them in. • The fact is no software or Operating system is bullet proof. • Managing and updating software updates is a daunting challenge for enterprises. Why patching plays an important role in every organization’s security?
www.Seqrite.com Examples of incidents in which software vulnerabilities have been an enabler of security breaches In 2016, there were 702 million attempts to launch an exploit – malware that uses bugs in software to infect devices with additional malicious code like banking Trojans or ransomware. This is 24.54% more than in 2015. The number of corporate users attacked by exploits increased 28.35% to reach more than 690,000, or 15.76 % of all users attacked with exploits. India ranks 10th in the list of Global Web Application Attack Source Countries while it is fourth on the list of top target countries for web-application attacks, according to a new report by Akamai Technologies Inc., a global player in content delivery network.
www.Seqrite.com Recent Security Breach due to Windows Vulnerability Patch, patch and patch ! This has been the go-to mantra of security professionals and the recent WannaCry ransomware attack has highlighted its importance once again. A large number of PCs worldwide were not patched with the latest update from Microsoft windows which led to the recent WannaCry ransomware havoc worldwide. What was the scenario? • On Friday, 12 May 2017, over 200,000 computers across 150 countries including India were infected by the WannaCry ransomware attack. • WannaCry is a ransomware that encrypts all the data files on the infected computers and asks users to pay 300 USD to restore the files. If the ransom is not paid in three days it threatens to double the ransom amount. • Solution offered by Microsoft: Update your OS else apply MS17-010 patch on computers. Why did it happen? Microsoft had released patch for the same in March, 2017. However, systems that did not apply this patch were affected by the WannaCry ransomware Conclusion: Only those windows systems were affected by this Ransomware which were not patched by MS17-010 released by MS in Mar-17.This scenario could have been avoided if Patch Management was placed in networks to patch-up the systems on a single click.
www.Seqrite.com HOW SEQRITE Endpoint Security Helps?
www.Seqrite.com Seqrite EPS Patch Management 13 • Patch Management enables the centralized management for checking and installing the missing patches for the applications installed in your network. • Allows Administrator to download and apply only require patches on EPS Clients. • Not mandatory to have WSUS configured in your organizational network , allows to download updates directly from Microsoft Server. • Can be deployed on same EPS Console System or on a separate system also. • Not mandatory to have Network OS(Win Server OS) to deploy EPS PM Server, can be installed easily on either on Network OS or on client OS also. • Systematic reports availability on EPS Console Server about installed patched on endpoints. • Can be configured and applied to groups and policies separately as per organizations requirement.
www.Seqrite.com Patch Management: Overview 14 Patch Categorizations Missing Patches Automatic Installation Critical Important Moderate Low Unspecified Managing the Patch Frequency Exception Helps to detect and install missing patches for Microsoft & Non –Microsoft Applications and Windows OS Patches are categorized as per severity level, thus allowing to prioritize the patch install process Vulnerability may allow code execution without user interaction. Vulnerability may result in compromise of the confidentiality, integrity or availability of user data. Impact of vulnerability is mitigated to a significant degree by factors such as authentication requirement or applicability only to non-default configurations. Impact of vulnerability is comprehensively mitigated by the characteristics of the affected component. Vulnerability may result in random malfunctions. Scheduling the frequency of patch scanning is possible. If any client is offline during the scheduled time a notification is sent. Scheduling the system to automatically install missing patches is also possible. In production or testing environment, there may be a requirement where operating system or applications are required in the unpatched form. To facilitate this, patch install exclusion is provided where the admin can exclude endpoints from patch installation.
www.Seqrite.com Patch Management- Reports 15
www.Seqrite.com Patch Management- Key Benefits 16 Security: Patch Management helps to keep your network secure from malware attacker who targets software and OS vulnerabilities, by Auto download of patches based on the severity. Improves Productivity: Many times vendor bugs or unexpected crash of applications results into unwanted network downtime, Patch Management helps to keep all these things at bay by downloading such fixes in the form of patches. Compliance: Organizations need to be secure enough to be able to protect employee data, customer data etc. Unpatched applications are vulnerable to attack, which may further result in business loss, penalties and fines. Patch Management enables the organization to meet the compliance criteria. Better utilization of IT Department: Manual process of Patching systems and applications takes too much and efforts of IT team, Patch Management is an Automated Patching Tool which downloads and installs patches from centralized location. This helps to reduce the burden of IT staff. Endpoints are safeguarded against web based threats, these are threats which targets users while they are browsing the internet. Most of these programs target operating systems and programs such as: • Java • Adobe Reader • Windows OS and Internet Explorer
www.Seqrite.com References 17 • http://www.deccanchronicle.com/technology/in-other-news/220417/number-of-attacks-using-software- vulnerabilities-on-the-rise.html • https://www.beyondtrust.com/ • https://www.cvedetails.com/
www.Seqrite.com Thank You 18

Recommended

Next-Gen Security Solution: Gateway Protection
Next-Gen Security Solution: Gateway ProtectionNext-Gen Security Solution: Gateway Protection
Next-Gen Security Solution: Gateway ProtectionQuick Heal Technologies Ltd.
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomwareRaghavendra P.V
 
Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014Sophos Benelux
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowIBM Security
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against RansomwareSymantec
 
Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Osirium Limited
 
Integrated Tools in OSSIM
Integrated Tools in OSSIMIntegrated Tools in OSSIM
Integrated Tools in OSSIMAlienVault
 

Recommended

Next-Gen Security Solution: Gateway Protection
Next-Gen Security Solution: Gateway ProtectionNext-Gen Security Solution: Gateway Protection
Next-Gen Security Solution: Gateway ProtectionQuick Heal Technologies Ltd.
 
Best practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresBest practices to secure Windows10 with already included features
Best practices to secure Windows10 with already included featuresAlexander Benoit
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomwareRaghavendra P.V
 
Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014Anatomy of an Attack - Sophos Day Belux 2014
Anatomy of an Attack - Sophos Day Belux 2014Sophos Benelux
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowIBM Security
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against RansomwareSymantec
 
Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Osirium Limited
 
Integrated Tools in OSSIM
Integrated Tools in OSSIMIntegrated Tools in OSSIM
Integrated Tools in OSSIMAlienVault
 
Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3F-Secure Corporation
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesQuick Heal Technologies Ltd.
 
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...Digital Bond
 
Make Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your FavorMake Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your FavorDavid Perkins
 
Cerdant Security State of the Union
Cerdant Security State of the UnionCerdant Security State of the Union
Cerdant Security State of the UnionDavid Perkins
 
Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2F-Secure Corporation
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsAaron ND Sawmadal
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?MenloSecurity
 
Thinking Differently About Security Protection and Prevention
Thinking Differently About Security Protection and PreventionThinking Differently About Security Protection and Prevention
Thinking Differently About Security Protection and PreventionDavid Perkins
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than EverAlienVault
 
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Marco Balduzzi
 
Web Application Firewall
Web Application FirewallWeb Application Firewall
Web Application FirewallChandrapal Badshah
 
The Enemy Within: Organizational Insight Through the Eyes of a Webserver
The Enemy Within: Organizational Insight Through the Eyes of a WebserverThe Enemy Within: Organizational Insight Through the Eyes of a Webserver
The Enemy Within: Organizational Insight Through the Eyes of a WebserverRamece Cave
 
Web Application Vulnerabilities
Web Application VulnerabilitiesWeb Application Vulnerabilities
Web Application VulnerabilitiesPreetish Panda
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceQualys
 
Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewallsEnclaveSecurity
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension Inc.
 
Technical track kevin cardwell-10-00 am-solid-defense
Technical track kevin cardwell-10-00 am-solid-defenseTechnical track kevin cardwell-10-00 am-solid-defense
Technical track kevin cardwell-10-00 am-solid-defenseISSA LA
 
September 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionSeptember 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionKaseya
 
Finding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsFinding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsNetFort
 
Vulnerability , Malware and Risk
Vulnerability , Malware and RiskVulnerability , Malware and Risk
Vulnerability , Malware and RiskSecPod Technologies
 
Vulnerability Malware And Risk
Vulnerability Malware And RiskVulnerability Malware And Risk
Vulnerability Malware And RiskChandrashekhar B
 

More Related Content

What's hot

Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3F-Secure Corporation
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesQuick Heal Technologies Ltd.
 
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...Digital Bond
 
Make Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your FavorMake Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your FavorDavid Perkins
 
Cerdant Security State of the Union
Cerdant Security State of the UnionCerdant Security State of the Union
Cerdant Security State of the UnionDavid Perkins
 
Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2F-Secure Corporation
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsAaron ND Sawmadal
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?MenloSecurity
 
Thinking Differently About Security Protection and Prevention
Thinking Differently About Security Protection and PreventionThinking Differently About Security Protection and Prevention
Thinking Differently About Security Protection and PreventionDavid Perkins
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than EverAlienVault
 
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Marco Balduzzi
 
The Enemy Within: Organizational Insight Through the Eyes of a Webserver
The Enemy Within: Organizational Insight Through the Eyes of a WebserverThe Enemy Within: Organizational Insight Through the Eyes of a Webserver
The Enemy Within: Organizational Insight Through the Eyes of a WebserverRamece Cave
 
Web Application Vulnerabilities
Web Application VulnerabilitiesWeb Application Vulnerabilities
Web Application VulnerabilitiesPreetish Panda
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceQualys
 
Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewallsEnclaveSecurity
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension Inc.
 
Technical track kevin cardwell-10-00 am-solid-defense
Technical track kevin cardwell-10-00 am-solid-defenseTechnical track kevin cardwell-10-00 am-solid-defense
Technical track kevin cardwell-10-00 am-solid-defenseISSA LA
 
September 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionSeptember 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionKaseya
 
Finding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsFinding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsNetFort
 

What's hot (20)

Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entities
 
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...
 
Make Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your FavorMake Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your Favor
 
Cerdant Security State of the Union
Cerdant Security State of the UnionCerdant Security State of the Union
Cerdant Security State of the Union
 
Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
 
A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?A Closer Look at Isolation: Hype or Next Gen Security?
A Closer Look at Isolation: Hype or Next Gen Security?
 
Thinking Differently About Security Protection and Prevention
Thinking Differently About Security Protection and PreventionThinking Differently About Security Protection and Prevention
Thinking Differently About Security Protection and Prevention
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
 
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
 
Web Application Firewall
Web Application FirewallWeb Application Firewall
Web Application Firewall
 
The Enemy Within: Organizational Insight Through the Eyes of a Webserver
The Enemy Within: Organizational Insight Through the Eyes of a WebserverThe Enemy Within: Organizational Insight Through the Eyes of a Webserver
The Enemy Within: Organizational Insight Through the Eyes of a Webserver
 
Web Application Vulnerabilities
Web Application VulnerabilitiesWeb Application Vulnerabilities
Web Application Vulnerabilities
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and Compliance
 
Benefits of web application firewalls
Benefits of web application firewallsBenefits of web application firewalls
Benefits of web application firewalls
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA Compliance
 
Technical track kevin cardwell-10-00 am-solid-defense
Technical track kevin cardwell-10-00 am-solid-defenseTechnical track kevin cardwell-10-00 am-solid-defense
Technical track kevin cardwell-10-00 am-solid-defense
 
September 2012 Security Vulnerability Session
September 2012 Security Vulnerability SessionSeptember 2012 Security Vulnerability Session
September 2012 Security Vulnerability Session
 
Finding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsFinding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analytics
 

Similar to Centralized Patch Management - Proven Security Approach for Ransomware Protection

Vulnerability , Malware and Risk
Vulnerability , Malware and RiskVulnerability , Malware and Risk
Vulnerability , Malware and RiskSecPod Technologies
 
Vulnerability Malware And Risk
Vulnerability Malware And RiskVulnerability Malware And Risk
Vulnerability Malware And RiskChandrashekhar B
 
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISOR
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISORINLINE_PATCH_PROXY_FOR_XEN_HYPERVISOR
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISORNeha Rana
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperTawnia Beckwith
 
Ransomeware : A High Profile Attack
Ransomeware : A High Profile AttackRansomeware : A High Profile Attack
Ransomeware : A High Profile AttackIRJET Journal
 
It's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityIt's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityLumension
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?Osei Fortune
 
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxRunning head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxtodd521
 
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesTECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesSymantec
 
Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management SystemIRJET Journal
 
The uncool-security-hygiene
The uncool-security-hygieneThe uncool-security-hygiene
The uncool-security-hygieneThiagu Haldurai
 
Veracode Corporate Overview - Print
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - PrintAndrew Kanikuru
 
Essentials of Web Application Security: what it is, why it matters and how to...
Essentials of Web Application Security: what it is, why it matters and how to...Essentials of Web Application Security: what it is, why it matters and how to...
Essentials of Web Application Security: what it is, why it matters and how to...Cenzic
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 
Your Datacenter at risk? – Patching for the Datacenter
Your Datacenter at risk? – Patching for the DatacenterYour Datacenter at risk? – Patching for the Datacenter
Your Datacenter at risk? – Patching for the DatacenterIvanti
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesSymantec
 

Similar to Centralized Patch Management - Proven Security Approach for Ransomware Protection (20)

Vulnerability , Malware and Risk
Vulnerability , Malware and RiskVulnerability , Malware and Risk
Vulnerability , Malware and Risk
 
Vulnerability Malware And Risk
Vulnerability Malware And RiskVulnerability Malware And Risk
Vulnerability Malware And Risk
 
Globally.docx
Globally.docxGlobally.docx
Globally.docx
 
Patch management
Patch managementPatch management
Patch management
 
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISOR
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISORINLINE_PATCH_PROXY_FOR_XEN_HYPERVISOR
INLINE_PATCH_PROXY_FOR_XEN_HYPERVISOR
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
 
Ransomeware : A High Profile Attack
Ransomeware : A High Profile AttackRansomeware : A High Profile Attack
Ransomeware : A High Profile Attack
 
It's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityIt's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint Security
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?
 
Vulnerability and Patch Management
Vulnerability and Patch ManagementVulnerability and Patch Management
Vulnerability and Patch Management
 
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxRunning head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
 
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesTECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
 
Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
 
The uncool-security-hygiene
The uncool-security-hygieneThe uncool-security-hygiene
The uncool-security-hygiene
 
Veracode Corporate Overview - Print
Veracode Corporate Overview - PrintVeracode Corporate Overview - Print
Veracode Corporate Overview - Print
 
Essentials of Web Application Security: what it is, why it matters and how to...
Essentials of Web Application Security: what it is, why it matters and how to...Essentials of Web Application Security: what it is, why it matters and how to...
Essentials of Web Application Security: what it is, why it matters and how to...
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 
Your Datacenter at risk? – Patching for the Datacenter
Your Datacenter at risk? – Patching for the DatacenterYour Datacenter at risk? – Patching for the Datacenter
Your Datacenter at risk? – Patching for the Datacenter
 
ProjectReport_Finalversion
ProjectReport_FinalversionProjectReport_Finalversion
ProjectReport_Finalversion
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
 

More from Quick Heal Technologies Ltd.

31 Internet Security Tips on CyberSecurity Month Ocotober
31 Internet Security Tips on CyberSecurity Month Ocotober31 Internet Security Tips on CyberSecurity Month Ocotober
31 Internet Security Tips on CyberSecurity Month OcotoberQuick Heal Technologies Ltd.
 
How a Ransomware Infects your Computer [INFOGRAPHIC]
How a Ransomware Infects your Computer [INFOGRAPHIC]How a Ransomware Infects your Computer [INFOGRAPHIC]
How a Ransomware Infects your Computer [INFOGRAPHIC]Quick Heal Technologies Ltd.
 
Protecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareProtecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareQuick Heal Technologies Ltd.
 
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data LossSeqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data LossQuick Heal Technologies Ltd.
 
Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24
Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24
Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24Quick Heal Technologies Ltd.
 
Jnana Sangama Day 1 - National convention for higher education
Jnana Sangama Day 1 - National convention for higher educationJnana Sangama Day 1 - National convention for higher education
Jnana Sangama Day 1 - National convention for higher educationQuick Heal Technologies Ltd.
 

More from Quick Heal Technologies Ltd. (20)

Digital Threat Landscape
Digital Threat LandscapeDigital Threat Landscape
Digital Threat Landscape
 
Cybersecurity in Banking Sector
Cybersecurity in Banking SectorCybersecurity in Banking Sector
Cybersecurity in Banking Sector
 
31 Internet Security Tips on CyberSecurity Month Ocotober
31 Internet Security Tips on CyberSecurity Month Ocotober31 Internet Security Tips on CyberSecurity Month Ocotober
31 Internet Security Tips on CyberSecurity Month Ocotober
 
How a Ransomware Infects your Computer [INFOGRAPHIC]
How a Ransomware Infects your Computer [INFOGRAPHIC]How a Ransomware Infects your Computer [INFOGRAPHIC]
How a Ransomware Infects your Computer [INFOGRAPHIC]
 
Protecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry RansomwareProtecting Your organization from WannaCry Ransomware
Protecting Your organization from WannaCry Ransomware
 
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data LossSeqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss
 
Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action
 
Safeguard your enterprise against ransomware
Safeguard your enterprise against ransomwareSafeguard your enterprise against ransomware
Safeguard your enterprise against ransomware
 
Data Security in Healthcare
Data Security in HealthcareData Security in Healthcare
Data Security in Healthcare
 
GITEX 2016, Dubai
GITEX 2016, Dubai GITEX 2016, Dubai
GITEX 2016, Dubai
 
Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24
Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24
Seqrite EPS 7.0 launched in Poland by valued distributors, IT Dystrybucja 24
 
Maharashtra Cooperative Summit 2016
Maharashtra Cooperative Summit 2016Maharashtra Cooperative Summit 2016
Maharashtra Cooperative Summit 2016
 
Seqrite Hyderabad Meet 2016
Seqrite Hyderabad Meet 2016 Seqrite Hyderabad Meet 2016
Seqrite Hyderabad Meet 2016
 
Seqrite CXO Meet, Ahmedabad, India
Seqrite CXO Meet, Ahmedabad, IndiaSeqrite CXO Meet, Ahmedabad, India
Seqrite CXO Meet, Ahmedabad, India
 
Fonetastic ppt
Fonetastic pptFonetastic ppt
Fonetastic ppt
 
Seqrite Launch Event in Athens, Greece.
Seqrite Launch Event in Athens, Greece.Seqrite Launch Event in Athens, Greece.
Seqrite Launch Event in Athens, Greece.
 
BFSI Leadership Summit, Mumbai
BFSI Leadership Summit, MumbaiBFSI Leadership Summit, Mumbai
BFSI Leadership Summit, Mumbai
 
Jnana Sangama Day 1 - National convention for higher education
Jnana Sangama Day 1 - National convention for higher educationJnana Sangama Day 1 - National convention for higher education
Jnana Sangama Day 1 - National convention for higher education
 
Event S-Mart Milan, Italy - May 2016
Event S-Mart Milan, Italy - May 2016Event S-Mart Milan, Italy - May 2016
Event S-Mart Milan, Italy - May 2016
 
Event S-Mart 2016 Florence, Italy - April 2016
Event S-Mart 2016 Florence, Italy - April 2016Event S-Mart 2016 Florence, Italy - April 2016
Event S-Mart 2016 Florence, Italy - April 2016
 

Recently uploaded

React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 

Centralized Patch Management - Proven Security Approach for Ransomware Protection

  • 1. www.Seqrite.com Centralized patch management solution for all Microsoft application vulnerability patching needs. Seqrite Endpoint Security. Patch Management : Overview Technical Training Department Quick Heal Technologies Ltd. 1
  • 2. www.Seqrite.com Contents • What is Patch Management • Why patching plays an important role in every organization’s security? • Examples of incidents in which software vulnerabilities have been an enabler of security breaches • How does Seqrite help? • What can you do with SEPS Patch Management? • Patch Management Reports • Key Benefits of Patch Management 2
  • 3. www.Seqrite.com What is Patch Management 3 Patch Patch Management A Patch is piece of software designed to update computer applications, programs to fix security vulnerabilities and other bugs in order to improve the usability or performance. Patch management is the process of using a strategy and plan of what patches should be applied to which systems at a specified time.
  • 4. www.Seqrite.com Why Patching Plays a Crucial Role in Every Organization’s Security? 4
  • 5. www.Seqrite.com 5 “Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks...” Gartner, Predictions for IT Security Directors in 2007
  • 6. www.Seqrite.com 6 As per data published by CVE Details, in 2016 the most vulnerable Windows applications were Adobe Flash Player, Adobe Reader, Adobe Acrobat, VLC media player, Oracle JRE(Java) and web browsers such as Firefox, IE etc. Important Stats
  • 8. www.Seqrite.com MYTH REALITY We’re protected since we already have a firewall and an Intrusion Detection System. Despite all the attention that firewalls, anti-virus applications and Intrusion Detection System (IDS) receive, security vulnerabilities still plague organizations. Why patching plays an important role in every organization’s security? Our Company isn’t a target for attacks • If you look at recent events you will see, Ransomware like WannaCry and Troldesh attacked enterprises and systems at random, based on specific vulnerabilities. • On the other hand, it is not just large enterprises that need to be concerned about targeted attacks. • Any organization can become the target of a disgruntled employee, customer or contractor. So, it is important to move beyond the “it can’t happen to me” feeling of security.
  • 9. www.Seqrite.com 9 • Here they release software/ Operating System attackers & hackers out there looking for loopholes and vulnerabilities that will let them in. • The fact is no software or Operating system is bullet proof. • Managing and updating software updates is a daunting challenge for enterprises. Why patching plays an important role in every organization’s security?
  • 10. www.Seqrite.com Examples of incidents in which software vulnerabilities have been an enabler of security breaches In 2016, there were 702 million attempts to launch an exploit – malware that uses bugs in software to infect devices with additional malicious code like banking Trojans or ransomware. This is 24.54% more than in 2015. The number of corporate users attacked by exploits increased 28.35% to reach more than 690,000, or 15.76 % of all users attacked with exploits. India ranks 10th in the list of Global Web Application Attack Source Countries while it is fourth on the list of top target countries for web-application attacks, according to a new report by Akamai Technologies Inc., a global player in content delivery network.
  • 11. www.Seqrite.com Recent Security Breach due to Windows Vulnerability Patch, patch and patch ! This has been the go-to mantra of security professionals and the recent WannaCry ransomware attack has highlighted its importance once again. A large number of PCs worldwide were not patched with the latest update from Microsoft windows which led to the recent WannaCry ransomware havoc worldwide. What was the scenario? • On Friday, 12 May 2017, over 200,000 computers across 150 countries including India were infected by the WannaCry ransomware attack. • WannaCry is a ransomware that encrypts all the data files on the infected computers and asks users to pay 300 USD to restore the files. If the ransom is not paid in three days it threatens to double the ransom amount. • Solution offered by Microsoft: Update your OS else apply MS17-010 patch on computers. Why did it happen? Microsoft had released patch for the same in March, 2017. However, systems that did not apply this patch were affected by the WannaCry ransomware Conclusion: Only those windows systems were affected by this Ransomware which were not patched by MS17-010 released by MS in Mar-17.This scenario could have been avoided if Patch Management was placed in networks to patch-up the systems on a single click.
  • 13. www.Seqrite.com Seqrite EPS Patch Management 13 • Patch Management enables the centralized management for checking and installing the missing patches for the applications installed in your network. • Allows Administrator to download and apply only require patches on EPS Clients. • Not mandatory to have WSUS configured in your organizational network , allows to download updates directly from Microsoft Server. • Can be deployed on same EPS Console System or on a separate system also. • Not mandatory to have Network OS(Win Server OS) to deploy EPS PM Server, can be installed easily on either on Network OS or on client OS also. • Systematic reports availability on EPS Console Server about installed patched on endpoints. • Can be configured and applied to groups and policies separately as per organizations requirement.
  • 14. www.Seqrite.com Patch Management: Overview 14 Patch Categorizations Missing Patches Automatic Installation Critical Important Moderate Low Unspecified Managing the Patch Frequency Exception Helps to detect and install missing patches for Microsoft & Non –Microsoft Applications and Windows OS Patches are categorized as per severity level, thus allowing to prioritize the patch install process Vulnerability may allow code execution without user interaction. Vulnerability may result in compromise of the confidentiality, integrity or availability of user data. Impact of vulnerability is mitigated to a significant degree by factors such as authentication requirement or applicability only to non-default configurations. Impact of vulnerability is comprehensively mitigated by the characteristics of the affected component. Vulnerability may result in random malfunctions. Scheduling the frequency of patch scanning is possible. If any client is offline during the scheduled time a notification is sent. Scheduling the system to automatically install missing patches is also possible. In production or testing environment, there may be a requirement where operating system or applications are required in the unpatched form. To facilitate this, patch install exclusion is provided where the admin can exclude endpoints from patch installation.
  • 16. www.Seqrite.com Patch Management- Key Benefits 16 Security: Patch Management helps to keep your network secure from malware attacker who targets software and OS vulnerabilities, by Auto download of patches based on the severity. Improves Productivity: Many times vendor bugs or unexpected crash of applications results into unwanted network downtime, Patch Management helps to keep all these things at bay by downloading such fixes in the form of patches. Compliance: Organizations need to be secure enough to be able to protect employee data, customer data etc. Unpatched applications are vulnerable to attack, which may further result in business loss, penalties and fines. Patch Management enables the organization to meet the compliance criteria. Better utilization of IT Department: Manual process of Patching systems and applications takes too much and efforts of IT team, Patch Management is an Automated Patching Tool which downloads and installs patches from centralized location. This helps to reduce the burden of IT staff. Endpoints are safeguarded against web based threats, these are threats which targets users while they are browsing the internet. Most of these programs target operating systems and programs such as: • Java • Adobe Reader • Windows OS and Internet Explorer