Date Published: February 2006
Author(s)
Shirley Radack (NIST)
This bulletin provides information for organizational security managers who are responsible for designing and implementing security patch and vulnerability management programs and for testing the effectiveness of the programs in reducing vulnerabilities. The information is also useful to system administrators and operations personnel who are responsible for applying and testing patches and for deploying solutions to vulnerability problems. The bulletin discusses the need for timely patching of software to maintain the operational availability, confidentiality, and integrity of IT systems. It summarizes NIST recommendations for implementing a systematic, accountable, and documented process for managing exposure to vulnerabilities through the timely deployment of patches. References and sources of information on patch and vulnerability management are provided.
Keywords
Homeland Security; information technology security; patch management; security management; security patches; system administration; vulnerabilities
Control Families
Awareness and Training; Configuration Management; Planning; Risk Assessment