Vulnerability Monitoring
Monitoring current vulnerabilities and threats to your software environment and pushing vendors for patches. By contrast, many firms have no idea that a vulnerability exists until a vendor notifies them of a patch. In the worst case, a firm is oblivious to vulnerabilities or patches until they have a problem or hear about a problem in the media.
Patch Analysis
Evaluating a patch to identify and manage risks. In many cases, vendors bundle new features with a patch that may have business impacts. Some security patches are rushed out the door such that they contain bugs or vulnerabilities. It is also possible for a "patch" to completely rearchitect a product such that it has widespread implications for the performance, functions and customizations of software.
Patch Planning
Developing a plan to implement the patch. This may address complex dependencies. For example, if you upgrade firmware you may need to upgrade an operating system which may lead to a need to update applications and so forth. In many cases, you will need to confirm with vendors that their software will be compatible with a patch.
Change Management
The process of deciding whether to implement a patch and if so when it should be implemented. This may involve stakeholders such as business units, customers and technology teams. For example, it is possible for a patch implementation to require downtime that impacts all customers.
Testing
Applying a patch to test environments and running regression tests, user acceptance tests, performance tests and security tests. Deployment procedures are also tested, including procedures for rollback.
Deployment
Deploying a patch to critical environments such as production. In many cases, patches are both developed quickly and deployed quickly such that they have an unusually high risk of failing. As such, rollbacks are common.
Configuration Management
Updating configuration management records to reflect a patch, including software libraries, documentation and configuration control records.
Overview: Patch Management
The process of applying fixes and upgrades to software.