0

Best practice

Doug’s service is onboarded to Qualys.

He receives an alert from DPG about a vulnerability impacting his service.

What should he do?

Best practice

Doug reviews some notes about the vulnerability, and discovers that if exploited, it can potentially result in a malicious cyber actor gaining unauthorised access to information.

A security patch (code-fix) has been released, but Doug is unsure what impact it could have on his service if implemented.

There are a couple of other mitigating controls that he can introduce to help protect the information in his service until the patch has been deployed.

How can Doug proceed?

Doug wants to wait for a more convenient time, but when he approaches Jamie for advice, she explains that there must be a robust reason for remediation to be deferred.

Not quite. Doug’s best course of action is to apply for a temporary exemption until the patch has been tested in a development environment and use other mitigating controls in the interim.

That’s correct. Doug’s best course of action is to apply for a temporary exemption until the patch has been tested in a development environment and use other mitigating controls in the interim.

Best practice

The next steps for Doug are to learn if there is a patch available that can be applied to the system.

As it turns out, there is.

What should Doug do next?

Not wanting to expose the business to vulnerabilities, Doug deploys the patch immediately. Unfortunately, it has a few significant conflicts and causes issues in his service.

Doug should have applied for a temporary exemption so that he could schedule the patch for testing.

Doug realises that sending the patch for testing will delay remediation, but also recognises the importance of securing the network. He successfully completes his testing and implements the patch, and is then able to close the temporary exemption.