Patch Management in the Post-SolarWinds Era
Security Boulevard published an article about the SolarWinds breach, in which hackers inserted malware into software updates sent to thousands of customers and created a backdoor to their IT systems. The method of attack suggests organizations need to seriously rethink patch management.
Until recently, installing patches and keeping systems up to date was purely a risk reduction exercise, but IT security professionals understand that attackers will eventually find a way in, either by accident or by focusing their efforts on a known weakness
K2’s CTO and Co-Founder, Jayant Shukla was tapped for commentary on best practices for patch management by the article’s author Nathan Eddy.