Faster is pretty much always better, and that’s particularly true when it comes to instituting patches and remediating when new vulnerabilities are identified. The longer it takes to eliminate identified vulnerabilities, the longer there’s the potential that attackers can wreak havoc in an organization. Today’s digital enterprises are more connected and more exposed than ever, so speeding these efforts is getting increasingly vital. Automation plays a key role in keeping the digital enterprise lean, focused on innovation, and hardened against new threats.
Through our automation capabilities, we help make it a lot easier for IT teams to respond efficiently, consistently, and, yes, quickly when these issues arise. By taking a policy-based approach, customers can make complex changes across vast, and varied infrastructures within minutes. In addition, through our timely release of ZipKits (pre-packaged content from BMC—more detail below), we’ve been helping hundreds of organizations respond most effectively when trouble strikes.
Consider the recent case of the VENOM vulnerability, which has the potential to enable an attacker to move beyond a compromised virtual machine guest and expand the compromise to the physical machine. Obviously, mitigating this type of vulnerability is critical. The vulnerability was announced on many sites on May 14, 2015. Within 48 hours, BMC developers had published a ZipKit which provided the necessary patches as well as templates and scripts that significantly streamlined the process of patching the VENOM vulnerability. Over 450 unique visitors came to the BMC Community to learn more about this threat and download the Venom ZipKit.
Simply by leveraging our solutions and the ZipKit, organizations could quickly and uniformly eliminate the risks posed by VENOM. Other ZipKits, such as the Shell Shock or Ghost ZipKits, were provided by BMC Community members within a few days of the security alert. Hundreds of BMC Community members benefited from this rapid response. This follows similar results when issues like Heartbleed and others arose.
A lot of times, remediating vulnerabilities isn’t simply a matter of installing a patch. Scripts may need to be run, configurations checked and modified, and so on. Our ZipKits go beyond basic patches to help take the guesswork, not to mention a lot of the work, out of these efforts. These ZipKits are made by and made for the BMC community. For instance, there are numerous community-created ZipKits that address anything from agent deployment across different platforms to applying ACL policies to components.
Automation and quick response times are critical to the success of the digital enterprise. If you haven’t checked out the available ZipKits, be sure to stop by the BMC Community page to see what’s available.
These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.