A fix to a program that eliminates a vulnerability exploited by malicious hackers. In computing, a patch is a small piece of software designed to update or fix problems with a computer program or its supporting data. This includes fixing bugs, replacing graphics and improving the usability or performance. Though meant to fix problems, poorly designed patches can sometimes introduce new problems.
Patch Assessment is the process of using a strategy and plan of what patches should be applied to which systems at a specified time. By the Patch Assessment Service, infySEC conducts an in-depth analysis of an organization’s existing patching practices. Our consultants review the patch management process followed. They consider aspects like documented procedures, efficiency of the patch deployment methodology, i.e. automated or manual, patch testing and validation procedures, etc. Our consultants also review procedures for exceptional cases where patches are not deployable and the workarounds that have been implemented for the same.
As a result of this service, the organization obtains a comprehensive understanding of the efficiency of the current patching processes, the lacunae in the existing procedures and the risks involved, which could adversely affect the continuity of their business. Detailed recommendations are provided, which enable an organization to bridge those gaps in their information security domain.