Security News > 2023 > March > Virtual patching: Cut time to patch from 250 days to

Virtual patching: Cut time to patch from 250 days to
2023-03-16 03:45

Patching is a long and arduous process - Developing permanent fixes takes 60 days on average, even for critical vulnerabilities.

Deploying even a single patch across the architecture takes 12 days on average.

Patching can disrupt customers - Patching can also introduce new issues or incompatibilities that may impact existing customers.

Virtual patching - An effective compensating control.

Virtual patching is a security technique that uses rules on WAF to block known vulnerabilities in an application or system without modifying the actual code.

Once the vulnerabilities are found, immediately apply virtual patches on the WAF. Finally, have dedicated sprints for patching on the code, as every custom rule you add on the WAF will add a small latency on the application.


News URL

https://www.helpnetsecurity.com/2023/03/16/virtual-patching-cut-time-to-patch/