|
|
|
Project Quant Patch Management Survey Summary and Results Available for Download |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Project Quant Patch Management Survey Summary and Results Available for Download Par Jeff Jones Security BlogLe [2009-07-28] à 04:23:25
Présentation : survey-report-dover I am extremely excited to announce that Rich Mogull and I believe we are ready to publish two key deliverables for Project Quant today and make them available for download. I describe the other one, Measuring and Optimizing Patch Management an Open Model , in another post. Below is an excerpt from the survery summary and analysis and you can download the full report at http securosis.com research publication project-quant-survey-results-and-analysis . Key Findings As part of the Project Quant community effort to develop a well-defined patch management cost model, the project team fielded a survey of patch management questions covering aspects of the patch management process. While we believe this survey, due to self-selective participation, is biased towards companies with active patch management efforts, the results were informative in that context. Key findings from the survey include Most companies were driven by compliance regulation, usually more than one regulation applied Process maturity was generally high for operating systems, but low for other asset types such as applications and drivers see chart Companies tend to utilize multiple vendor and 3rd-party tools in their patch management process 40pourcents of companies depend on user complaints as one factor for patch validation survey-chart Combining these Results with Security Trends I am also a contributor for the Microsoft Security Intelligence Report, where I look at vulnerability trends across the industry. One of the trends we ve observed over the past several periods is that vulnerability research, as well as malicious attack trends, seem to be increasingly focused on non-OS software applications, drivers and so on. Combining this trend with the Project Quant survey findings, we have increasing risk in non-OS software such as applications lower patch management maturity for non-OS software These two finding together identify an clear call to action for administrators to review their patch management processes for ways to increase their ability to manage software assets beyond workstations and general servers. Download the full report at http securosis.com research publication project-quant-survey-results-and-analysis . Regards Jeff
Les mots clés de la revue de presse pour cet article : patch
Les videos sur SecuObs pour les mots clés : patch
Les mots clés pour les articles publiés sur SecuObs : patch
Les éléments de la revue Twitter pour les mots clé : patch
Les derniers articles du site "Jeff Jones Security Blog" :
- Scott Charney Deconstructing Cyber Threat
- Nobody Attacks Thinking About The Apache.org Attacks
- sPAM of the Day Auditor Wants to Share 100M of Abandoned MOney
- Miami-dade Inmates Hack the Phone System, Charge Calls to Strangers
- SDL Awareness and Adoption High Among Security Professionals
- Be Safer - Run as Standard User
- Computerworld Apple delivers record monster security update
- Change Your Tweetdeck Account Password
- Profile of A Global Cybercrime Business Innovative Marketing
- Woot New Laptop
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
