As an enterprise’s online infrastructures become more complex — from their decentralization to the adoption of cloud, mobile, and internet-of-things (IoT) technologies — patch management has become an even more time-consuming and resource-intensive task.
However, delaying or deferring the application of patches can be risky. The Equifax data breach in 2017 is an example of how risky it can get. The incident, which exposed millions of its customers’ personally identifiable information, was ultimately attributed to a web application vulnerability that the organization failed to patch. When the dust settled, Equifax estimated that the incident cost up to US$439 million in financial losses, besides the £500,000 (US$660,000) fine issued by the U.K.’s Information Commissioner’s Office (ICO).
[Trend Micro Annual Security Roundup: Notable Vulnerabilities Disclosed and Exploited in 2018]
[Trend Micro 2019 Security Prediction: 99.99% of Exploit-Based Attacks Will Still Not Be Based on 0-Day Vulnerabilities]
Once a vulnerability is disclosed, reported, or discovered, it is a race against time for enterprises. For cybercriminals and threat actors, it’s an opportunity. An average organization, for instance, reportedly takes around 69 days to patch a critical vulnerability in its application. Businesses in the U.K. took an average of 60 days to determine that they’ve been breached.
This window of exposure leaves unpatched systems susceptible to threats. When an official patch for a content management framework vulnerability was released in July 2018, attackers started exploiting the flaw to deliver cryptocurrency-mining malware within five hours. In April 2019, a day before the vendor provider patched a zero-day vulnerability in its application server, cybercriminals actively exploited it to install ransomware.
The 2018 threat landscape saw attackers increasingly using exploits such as Dirty COW and EternalBlue for known and already-patched security flaws. In fact, 57% of surveyed organizations that suffered data breaches in 2016 and 2017 reported that the breaches were caused by a known vulnerability for which a patch was already available.
Virtual patching — or vulnerability shielding — acts as a safety measure against threats that exploit known and unknown vulnerabilities. Virtual patching works by implementing layers of security policies and rules that prevent and intercept an exploit from taking network paths to and from a vulnerability.
A good virtual patching solution should be multilayered. This includes capabilities that inspect and block malicious activity from business-critical traffic; detect and prevent intrusions; thwart attacks on web-facing applications; and adaptably deploy on physical, virtual, or cloud environments.
Here’s how virtual patching augments an organization’s existing security technologies as well as vulnerability and patch management policies:
Learn how virtual patching works and how it helps mitigate security and organizational risks in the infographic, "How Virtual Patching Helps Protect Enterprises."
The Trend Micro™ Deep Security solution provides virtual patching that protects cloud workloads, servers, and containers from threats that exploit network-based vulnerabilities in critical applications, operating systems (Linux kernels, AIX, Solaris, and Windows including those in end-of-support status like Windows Server 2008 and Server 2003), and platforms like Docker and Kubernetes.
The Trend Micro Apex One™ security solution’s virtual patching delivers the timeliest vulnerability protection across a variety of endpoints, including point-of-sale (PoS), internet of things (IoT) devices, and systems with end-of-support (EoS) operating systems.
The Trend Micro™ Deep Discovery™ solution provides detection, in-depth analysis, and proactive response to attacks using exploits and other similar threats through specialized engines, customized sandboxing, and seamless correlation across the entire attack lifecycle, allowing it to detect threats even without any engine or pattern update.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.