www.Seqrite.com

Centralized patch management solution for all

Microsoft application vulnerability patching

needs.

Seqrite Endpoint Security.Patch Management : Overview

Technical Training Department

Quick Heal Technologies Ltd.

1

www.Seqrite.com

Contents

• What is Patch Management

• Why patching plays an important role in every organization’s security?

• Examples of incidents in which software vulnerabilities have been an enabler of security breaches

• How does Seqrite help?

• What can you do with SEPS Patch Management?

• Patch Management Reports

• Key Benefits of Patch Management

2

www.Seqrite.com

What is Patch Management

3

Patch Patch Management

A Patch is piece of software designed to

update computer applications, programs

to fix security vulnerabilities and other

bugs in order to improve the usability or

performance.

Patch management is the process of using a

strategy and plan of what patches should be

applied to which systems at a specified time.

www.Seqrite.com

Why Patching Plays a Crucial Role in Every Organization’s Security?

4

www.Seqrite.com 5

“Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks...”

Gartner, Predictions for IT Security Directors in 2007

www.Seqrite.com 6

As per data published by CVE Details, in 2016 the most vulnerable Windows applications were Adobe Flash Player, Adobe

Reader, Adobe Acrobat, VLC media player, Oracle JRE(Java) and web browsers such as Firefox, IE etc.

Important Stats

www.Seqrite.com 7

Important Stats

www.Seqrite.com

MYTH REALITY

We’re protected since we already have a firewall

and an Intrusion Detection System.

Despite all the attention that firewalls, anti-virus applications and

Intrusion Detection System (IDS) receive, security vulnerabilities

still plague organizations.

Why patching plays an important role in every organization’s security?

Our Company isn’t a target for attacks• If you look at recent events you will see, Ransomware like

WannaCry and Troldesh attacked enterprises and systems at

random, based on specific vulnerabilities.

• On the other hand, it is not just large enterprises that need to

be concerned about targeted attacks.

• Any organization can become the target of a disgruntled

employee, customer or contractor. So, it is important to move

beyond the “it can’t happen to me” feeling of security.

www.Seqrite.com 9

• Here they release software/ Operating System attackers & hackers out there looking for loopholes and vulnerabilities that will let

them in.

• The fact is no software or Operating system is bullet proof.

• Managing and updating software updates is a daunting challenge for enterprises.

Why patching plays an important role in every organization’s security?

www.Seqrite.com

Examples of incidents in which software vulnerabilities have been an enabler of security breaches

In 2016, there were 702 million attempts to launch an exploit – malware that uses bugs in software to infect devices with

additional malicious code like banking Trojans or ransomware. This is 24.54% more than in 2015.

The number of corporate users attacked by exploits increased 28.35% to reach more than 690,000, or 15.76 % of all users attacked

with exploits.

India ranks 10th in the list of Global Web Application Attack Source Countries while it is fourth on the list of top target countries

for web-application attacks, according to a new report by Akamai Technologies Inc., a global player in content delivery network.

www.Seqrite.com

Recent Security Breach due to Windows Vulnerability

Patch, patch and patch !

This has been the go-to mantra of security professionals and the recent WannaCry ransomware attack has highlighted its importance once

again. A large number of PCs worldwide were not patched with the latest update from Microsoft windows which led to the recent WannaCry

ransomware havoc worldwide.

What was the scenario?

• On Friday, 12 May 2017, over 200,000 computers across 150 countries including India were infected by the WannaCry ransomware attack.

• WannaCry is a ransomware that encrypts all the data files on the infected computers and asks users to pay 300 USD to restore the files. If the

ransom is not paid in three days it threatens to double the ransom amount.

• Solution offered by Microsoft: Update your OS else apply MS17-010 patch on computers.

Why did it happen? Microsoft had released patch for the same in March, 2017. However, systems that did not apply this patch were affected by the

WannaCry ransomware

Conclusion: Only those windows systems were affected by this Ransomware which were not patched by MS17-010 released by MS in Mar-17.This

scenario could have been avoided if Patch Management was placed in networks to patch-up the systems on a single click.

www.Seqrite.com

HOW

SEQRITE Endpoint Security Helps?

www.Seqrite.com

Seqrite EPS Patch Management

13

• Patch Management enables the centralized management for checking and installing the missing patches for the applications

installed in your network.

• Allows Administrator to download and apply only require patches on EPS Clients.

• Not mandatory to have WSUS configured in your organizational network , allows to download updates directly from Microsoft

Server.

• Can be deployed on same EPS Console System or on a separate system also.

• Not mandatory to have Network OS(Win Server OS) to deploy EPS PM Server, can be installed easily on either on Network OS or on

client OS also.

• Systematic reports availability on EPS Console Server about installed patched on endpoints.

• Can be configured and applied to groups and policies separately as per organizations requirement.

www.Seqrite.com

Patch Management: Overview

14

Patch Categorizations

Missing Patches

Automatic Installation

Critical

Important

Moderate

Low

Unspecified

Managing the Patch

Frequency

Exception

Helps to detect and install missing patches for Microsoft & Non –Microsoft Applications and Windows OS

Patches are categorized as per severity level, thus allowing to prioritize the patch install process

Vulnerability may allow code execution without user interaction.

Vulnerability may result in compromise of the confidentiality, integrity or availability of user data.

Impact of vulnerability is mitigated to a significant degree by factors such as authentication requirement or applicability only to non-default

configurations.

Impact of vulnerability is comprehensively mitigated by the characteristics of the affected component.

Vulnerability may result in random malfunctions.

Scheduling the frequency of patch scanning is possible. If any client is offline during the scheduled time a notification is sent.

Scheduling the system to automatically install missing patches is also possible.

In production or testing environment, there may be a requirement where operating system or applications are required in the unpatched form. To facilitate this, patch install exclusion is provided where the admin can exclude endpoints from patch installation.

www.Seqrite.com

Patch Management- Reports

15

www.Seqrite.com

Patch Management- Key Benefits

16

Security: Patch Management helps to keep your network secure from malware attacker who targets software and OS vulnerabilities, by Auto

download of patches based on the severity.

Improves Productivity: Many times vendor bugs or unexpected crash of applications results into unwanted network downtime, Patch

Management helps to keep all these things at bay by downloading such fixes in the form of patches.

Compliance: Organizations need to be secure enough to be able to protect employee data, customer data etc. Unpatched applications are

vulnerable to attack, which may further result in business loss, penalties and fines. Patch Management enables the organization to meet the

compliance criteria.

Better utilization of IT Department: Manual process of Patching systems and applications takes too much and efforts of IT team, Patch

Management is an Automated Patching Tool which downloads and installs patches from centralized location. This helps to reduce the burden

of IT staff.

Endpoints are safeguarded against web based threats, these are threats which targets users while they are browsing the internet. Most of

these programs target operating systems and programs such as:

• Java

• Adobe Reader

• Windows OS and Internet Explorer

www.Seqrite.com

References

17

• http://www.deccanchronicle.com/technology/in-other-news/220417/number-of-attacks-using-software-

vulnerabilities-on-the-rise.html

• https://www.beyondtrust.com/

• https://www.cvedetails.com/

www.Seqrite.com

Thank You

18