Slash Mttp, block exploits: Publishing episode is now necessary

Unusual systems are a time bomb. Fifty -seven percent One of the victims of the electronic attack that admitted that the available spots would have prevented violations, but about nearly A third confessed Non -acting, doubling Risks.

Bonemmon research Organizations now show an average vow in danger 43 Days to detect electronic attacks, even after the launch of the correction, before 36 Days of the previous year. According to Verizon 2024 Data breach investigations reportThe ability of the attackers to exploit the weaknesses 180 % From 2023 to 2024.

Fighting chronic fires makes manual or automatic patch partially stress, which increases the priority lists of difference.

PManual or automatic correction systems are partially taking a long time, which reduces patching down the team’s work list. This is it Creation with Ivanti study This has found that the majority (71 %) of IT specialists and I think patching is very complex, exhausted and time.

When it comes to patching, satisfaction kills satisfaction

The attackers strongly Exploiting the weaknesses and common exposes (CVES)Often ten years or more.

A certain sign of the effectiveness of the Tradecraft of the attackers in targeting CVES Legacy is their success in weaknesses in some cases, which exceeds 10 years. A sure sign that the attackers find it New ways to arm old weaknesses It is reflected in amazing statistics 76 % The weaknesses that were used by Ransomware were reported between 2010 and 2019. 27 % It lacks coherent correction strategies and nearly a quarter do not agree to the correction schedules. One of the unexpected benefits of automating the correction department is to break the impasse between it and safety when it comes to managing the correction work burden.

“Usually, on average, the Foundation may correct 90 % of desktop devices within two to four weeks, and 80 % of Windows servers within six weeks and only 25 % of Oracle databases within six months of the date of the correction issuance,” Gartner In their latest report, “We do not throw our way out of weakness Exposure“The report states that” the cold and difficult reality is that no one comes out of the actors to the threat on a large scale in any size, geography, or vertical industry. “

Publication of the episode: a wide proactive defense

Each point of endless end or threat surface calls for the attackers to exploit. Companies are losing a patching race, which stimulates the attackers more.

Meanwhile, patchwork became more difficult for security teams and IT manually. Nearly a decade ago, the circle of the ring began to rely on it Microsoft networks. Since then, conclusion has spread through the cloud -based correction management and risk systems. The publication provides the ring strategy, shrinking the attackers and hacking risk.

Publishing publishing is published gradually through the stages that are carefully controlled or “episodes:”: “episodes:”

• Episode Test (1 %)Basic information technology teams quickly verify the instability of the correction.
• Early adoption ring (5-10 %)A broader internal group that confirms the real world’s compatibility.
• Production ring (80-90 %): The decline at the institution level has been proven categorically.

The last Ivanti version is designed from the publication of the episode to give safety teams greater control over when the corrections will be published, for any systems and how each of the updates will be managed. By treating correction problems early, the goal is to reduce risks and reduce and eliminate disorders.

Crush the episode MTTP, the chaos of interactive patchwork ends

Dependence on old weaknesses to lead the correction management strategies only increases the risk of penetration with the institution’s race to keep pace with the growing patch accumulation. This is often when patching becomes an endless nightmare for cybersecurity, as attackers look forward to taking advantage of many old Cves that are still not protected.

Gartner takes in their latest report.ConversationZE Windows and Patching the third party application“It makes the point brutally clear, which shows how traditional correction methods routinely fail to keep up with it. In contrast, the institutions that build the publication of the episode get measuable results. You find their research that publishing the episode achieves” 99 % success within 24 hours of up to 100,000 computers “, leaving the traditional methods away.

During an interview with Venturebeat, Tony Miller, Vice President of Institution Services at IVANTI, confirmed that “Ivanti neurons to manage correction and implement the publication of the ring are an important part of our customer trip.” He said that the company uses many of its own products, which allows a quick reactions and gives developers an insight into customer pain points.

Miller added: “We have tested the publication of the episode internally with a limited group, and we are being presented at the level of the institution. In our experimental group, we have benefited from publishing corrections based on the dangers of the real world, and ensuring that the updates do not produce employees-a great challenge to any IT organization,” Miller added.

Venturebeat has also spoken with Jesse Miller, SVP and Southstar Bank, about taking advantage of the dynamic risk classification of Ivanti (VRR), a system that is constantly moving by AI with the intelligence of the actual threat, direct exploitation activity, and current attack data.

Miller clearly stated: “This is an important change for us and the entire industry. The judgment on corrections based on CVSS is now similar to work in a vacuum. When judging the impact of something, you have to take everything from the current events, your movement, your environment and more to the equation. Ultimately, we just make more clear decisions because we do not deal.

Miller also highlighted the strategy of determining his team’s priorities: “We have been able to focus on giving priority for zero and self -esteem priority to go out first, as well as anything that is exploited live in the wilderness. The use of correction priorities helps to get rid of our biggest danger first so that we can reduce the surface of the attack as quickly as possible.”

By combining the publication of the episode and the dynamic VRRRRRIR technology, Ivanti neurons provide institutions with an organized optical coincidence of the decrease in additional correction. This approach decreases sharply from time to time to time (MTTP), which accelerates the corrections from the targeted test through full publishing and reducing exposure windows that attackers significantly exploit.

Comparison of Ivanti neurons, microsoft, tanium and servicenow: main strengths and gaps

When choosing the solutions to the correction management solutions, clear differences appear between leading service providers, including Microsoft Autopatch, Tanium, Servicenow and Ivanti.

Microsoft Autopatch It depends on publishing the episode but is limited to Windows environments, including Microsoft 365 applications. Ivanti nerve cells expand in this concept by covering a wider spectrum, including Windows, MacOS, Linux and different third -party applications. This allows the correction management at the institution level for institutions with wide infrastructure.

Tanium stands out due to the clarity of the strong end point and detailed reporting features, but its infrastructure requirements are usually better in line with the intensive companies of resources. Meanwhile, Servicenow’s strength lies in the automation of workflow and the integration of information technology services management. The implementation of actual corrections often requires a large additional specialization or third -party integration.

Ivanti Neurons aims to distinguish by combining dynamic risk assessments, publishing the interim episode and automatic workflow within one platform. It directly addresses the challenges of joint institutions in correction management, including gaps of vision, operational complexity and uncertainty about determining weaknesses with actual risk assessments and obvious visual information.

Converting correction management into a strategic feature

Patching alone cannot eliminate exposure to weakness. Gartner continues to emphasize the need to integrate compensation controls, including EPP, multi -factor authentication, and retail network to enhance safety behind basic patching.

Combining the publication of the episode with integrated compensation controls that make up part of a broader framework for security trust, and allows information technology to reduce exposure windows, and better manage cybersecurity.

IVANTI’s approach to the publication of the episode includes actual time risk assessments, automated processing functioning, compact threat management, and direct correction management alignment with wider commercial flexibility strategies. The design decision to make it part of the correction management cells provides that institutions that need to improve the vision of risk management in actual time.

The bottom line: The incorporation of cycle publishing with compensation controls and priority tools transforms the correction management from an interactive burden to a strategic advantage.