Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Publication Citation: Surviving Insecure IT: Effective Patch Management

NIST Authors in Bold

Author(s): Simon Liu; David R. Kuhn; Hart Rossman;
Title: Surviving Insecure IT: Effective Patch Management
Published: March 21, 2009
Abstract: The amount of time to protect enterprise systems against potential vulnerability continues to shrink. Enterprises need an effective patch management mechanism to survive the insecure IT environment. Effective patch management is a systematic and repeatable patch distribution process which includes establishing timely and practical alerts, receiving notification of patches or discovering them, downloading patches and documentation, assessing and prioritizing vulnerabilities, performing testing, deploying patches, and auditing.
Citation: IT Professional (IEEE)
Volume: 11
Issue: 2
Pages: pp. 49 - 51
Keywords: IT Professional, patch management, security, vulnerability, vulnerability alerts, vulnerability assessment, vulnerability scan
Research Areas: Cybersecurity
DOI: http://dx.doi.org/10.1109/MITP.2009.38  (Note: May link to a non-U.S. Government webpage)
PDF version: PDF Document Click here to retrieve PDF version of paper (44KB)