The challenges that the Virtual Patching service address:
- Continuous monitoring of security vulnerabilities.
- Matching vulnerabilities and IPS signatures.
- Applying the correct IPS blocking signatures.
A large amount of vulnerabilities along with exploit code are released on daily basis. It is difficult to apply patches fixing these vulnerabilities fast enough to prevent from attacks to happen. The vulnerability time window (from a vulnerability is released until a patch is applied) can be significantly reduced if the correct IPS signatures are applied using an IPS sensor installed "in-line", actively blocking these attacks as they appear. This method of dealing with vulnerabilities will make it possible to perform extensive quality assurance tests of patches before they are deployed in a production environment. Previously this has not been possible without extending the vulnerability time window.
The service provides:
- Security vulnerability reports affecting a custom defined environment.
- Managed IPS equipment installed "in-line" blocking possible attempts to exploit vulnerabilities affecting the custom defined environment.
- Reducing the vulnerability time window.
- Provide much more time to install patches in the affected environment.
- Well-defined content for the services specified in the SLA (Service Level Agreement).
The service includes a monthly report, presented to the customer by a security specialist and exception reports at the time when information about a vulnerability is published. The service also includes incident reports at the time attackers are trying to exploit vulnerabilities.
The Virtual Patching service provides proactive and active protection for attacks using new vulnerabilities, preventing your business in real-time from security incidents 24 hours of the day, 365 days of the year.