Creating a Program to Manage Security Patches and Vulnerabilities: NIST Recommendations for Improving System Security

Published

Author(s)

Shirley M. Radack

Abstract

This bulletin provides information for organizational security managers who are responsible for designing and implementing security patch and vulnerability management programs and for testing the effectiveness of the programs in reducing vulnerabilities. The information is also useful to system administrators and operations personnel who are responsible for applying and testing patches and for deploying solutions to vulnerability problems. The bulletin discusses the need for timely patching of software to maintain the operational availability, confidentiality, and integrity of IT systems. It summarizes NIST recommendations for implementing a systematic, accountable, and documented process for managing exposure to vulnerabilities through the timely deployment of patches. References and sources of information on patch and vulnerability management are provided.
Citation
ITL Bulletin -

Keywords

Homeland Security, information technology security, patch management, security management, security patches, system administration, vulnerabilities

Citation

Radack, S. (2006), Creating a Program to Manage Security Patches and Vulnerabilities: NIST Recommendations for Improving System Security, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=150612 (Accessed April 26, 2024)
Created February 15, 2006, Updated May 4, 2021