Building a foundation of trust through robust security

Vulnerability and patch management

Patch management is a system of tools and protocols used to acquire, test, and install changes to software or ancillary data that are designed to update, fix, or improve the software or ancillary data—the “patch.” Patches are typically released to address known issues in software or data, such as a software bug or a security vulnerability.

Patch management

Applying available patches against known vulnerabilities is fundamental to securing networks and data and mitigating legal risks associated with data breaches. Some of the largest data breach enforcement actions in the world specifically cite a lack of appropriate patching against known vulnerabilities as a contributing factor to the record fines levied against companies that experienced data breaches. This is true even though the data breach was a direct result of a malicious actor exploiting the vulnerabilities, and not the mere presence of the unpatched vulnerabilities.

Patch management is an integral part of reasonable security measures for the protection of personal data. While not all patches are necessary to secure the privacy or security of data, a patch management system is considered a standard feature of a reasonable security program. The patch management system provides a scalable and systematic means by which to evaluate individual risks associated with a given bug or vulnerability. Failure to implement a published patch against a known vulnerability can considerably limit an enterprise’s ability to defend against data breach lawsuits.

Patch management can also be a key driver of digital transformation efforts. Enterprises seek to take advantage of shared responsibility models that allow cloud service providers to manage hardware and infrastructure patch management, so that the enterprise can focus its talents on application and data set patch management.

Vulnerability reporting

Effective patch management requires a healthy and well-maintained vulnerability handling program. NetApp participates in security communities that track published vulnerabilities and maintains a program where customers and researchers outside of these communities can submit information about potential vulnerabilities. Vulnerabilities are scored and tracked according to our vulnerability and response handling policy, and patches are released in the form of Security Advisories.
