Comments on: 3 Reasons Against Patch Tuesday http://www.savidtech.com/blog/network-security/3-reasons-against-patch-tuesday/ Savid Technologies thoughts on technology, IT, information security, and business Sat, 15 May 2010 02:01:29 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: RickSheikh http://www.savidtech.com/blog/network-security/3-reasons-against-patch-tuesday/comment-page-1/#comment-62 RickSheikh Tue, 01 Sep 2009 15:13:38 +0000 http://www.whatevercompliance.com/?p=196#comment-62 It has not ceased to amaze me how much confusion there seems to be within an Internal Security Team at a firm regarding finding the right "patch cycle". I have heard suggestions from "patch every 3 days" to "quarterly patching" and with latter the vulnerability threshold exceeding up to 3 Patch Tuesdays, and with a reasonable guess based on the trend, that vulnerability amounts to being 25 critical patches behind on your business critical systems. Regarding the point # 2 raised in your post. I usually take care of that by using Patch Management Solution that pre-stage the patches internally (such as WSUS) on the Patch Tuesday, so the down-level streaming to the clients happen internally thus consuming no external bandwidth. -Rick It has not ceased to amaze me how much confusion there seems to be within an Internal Security Team at a firm regarding finding the right “patch cycle”. I have heard suggestions from “patch every 3 days” to “quarterly patching” and with latter the vulnerability threshold exceeding up to 3 Patch Tuesdays, and with a reasonable guess based on the trend, that vulnerability amounts to being 25 critical patches behind on your business critical systems.

Regarding the point # 2 raised in your post. I usually take care of that by using Patch Management Solution that pre-stage the patches internally (such as WSUS) on the Patch Tuesday, so the down-level streaming to the clients happen internally thus consuming no external bandwidth.

-Rick

]]> By: 3 Reasons Against Patch Tuesday | Whatever Compliance – Michael A … | Hack In The Box http://www.savidtech.com/blog/network-security/3-reasons-against-patch-tuesday/comment-page-1/#comment-56 3 Reasons Against Patch Tuesday | Whatever Compliance – Michael A … | Hack In The Box Wed, 29 Jul 2009 05:04:27 +0000 http://www.whatevercompliance.com/?p=196#comment-56 [...] the original post: 3 Reasons Against Patch Tuesday | Whatever Compliance – Michael A … Share and [...] [...] the original post: 3 Reasons Against Patch Tuesday | Whatever Compliance – Michael A … Share and [...]

]]>