The top 10 security threats report that the way to sensitive assets is still too often through vulnerable applications. Why have we not yet solved this problem and are there any really creative ideas out there for how to mitigate this risk?
What do you think?

4 Comments
I believe that you need two things to ensure secure patch management.
The first is a documented and functioning change control process. You should be able to patch, test, approve, and deploy in a lab before you patch the live network.
The second is some form of an 802.1x (NAC) solution that will isolate systems from the live network until they reach a compliant patching level and is integrated into your WSUS, SCCM, AV, and Host IPS infrastructure.
Have you got one of those solutions that will sniff out trouble not only with the operating system, but also with specific application vulnerabilities as well?
I have had experience with the McAfee suite of host-based tools and their enterprise management system. Configured properly, their suite of tools can scan, detect, quarantine, patch and report on viruses, malware, application vulnerabilities and brute force attacks on the OS.
I dont not work for McAfee or any company associated with their products.
Sorry, I do not work for…………