The best medicine for application flaws is automated patch management. To kick off our latest Rolling Review, we'll size up key trends and vendors.
In 2006, the CERT program at Carnegie Mellon's Software Engineering Institute reported upward of 8,000 application vulnerabilities that required software patches--that's 30% more than in 2005. We've had years to get this process down, yet patching continues to cause a great deal of angst. We frequently see organizations that are more than a month behind on patch applications--and open to viruses and security violations. Why take that risk? Too many IT groups lack the tools, processes, and resources to patch effectively.
No fewer than 14 vendors are looking to rectify that situation. Each product has strengths and weaknesses, and we're hoping to get most of them into our Real-World Labs in the near future. See our automated patch management Rolling Review invitees and requirements at Rolling Reviews.
Ideally, patch management will be just one element of a comprehensive configuration management or software distribution system in larger shops. Smaller companies can get by with standalone tools, but many need several point products for different types of apps and devices. But however you manage it, automation is critical, as are documenting changes, testing to ensure that patches won't break other apps, and deployment policies to avoid bogging down networks.
(click image for larger view)
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.