Maintaining systems and applications with current security patches is one of the most critical tasks facing IT professionals, yet it is often one of the most neglected due to the time-consuming and rote nature of the work. In a Verizon analysis of security incidents, researchers found that the typical organization patches less than half of its systems within four weeks of the discovery of a vulnerability. Even more concerning is that if a patch is not applied within the first four weeks of release, it is unlikely that it will ever be patched. 

This situation leaves organizations vulnerable to both sophisticated attackers during the early days of a patch’s release and run-of-the-mill attackers during later phases. While security professionals clearly recognize and evangelize on the importance of applying patches, the work simply isn’t getting done.

Published March 2019 in SearchSecurity
Read the full article: How automated patch management using SOAR can slash risk