Paradigm shift – live patching as a core security concern
We’re still dealing with emerging threats the same way we were doing it 20 years ago. Patching systems on maintenance windows that are months apart, while it may meet current compliance requirements, does not provide an adequate response time to new vulnerabilities.
According to Cloudflare’s analysis, log4j was being exploited in the wild days before it was publicly disclosed. Add a few weeks on top of that until your next maintenance window to deploy patches and your organization is left unprotected for too long – and attackers will appreciate it.
A recent study found that 55% of organizations take over a month to deploy patches for critical security issues. Any cybersecurity specialist will know that is probably a month too much.
And the core concern for delaying these patching operations is availability. Until a security incident of some magnitude occurs, most organizations will not even consider alternative approaches, and that is unfortunate, as there are modern, and better, approaches to solve the problem – maintaining availability and at the same time patching the systems immediately rather than weeks in the future.
Learn how live patching works, how live patches are created and deployed, how they are different from traditional patches, and how little it would take to switch to a different paradigm around patching operations – with less effort, less risk, and more uptime.
Joao Correia is a Technical Evangelist at TuxCare with a long background in System Administration, where he learned the intricacies of keeping enterprise stakeholders happy and systems protected. Co-host at the Enterprise Linux Security podcast, where he shares his views on security, open-source and IT best practices, and on the TuxCare blog at tuxcare.com, where he covers at length the risks and benefits of open source solutions for secure Enterprise IT operation.