Best IT Blog

Microsoft Patch Matrix Analysis

Posted in O S (375),Policies - Standards (600),Security (1500) by Guest on the September 19th, 2016

This page lets you see at a glance which Microsoft Security Bulletins apply to which products and the Severity Rating for each bulletin. Each Security Bulletin is listed complete with a link to the full bulletin on Microsoft’s website. You can view Security Bulletins sorted in reverse numerical order or by the date the bulletin was last updated.

Microsoft believe you should always apply patches for any software you’re using when they issue a patch with a Critical or Important rating, and that these patches should be applied as soon as is practically possible (especially Critical ones). For patches rated Moderate or Low, Microsoft recommend you read the related security bulletin to decide whether to apply the patch in your environment. Personally, if Microsoft issues a patch for something I’d seriously consider installing it (after testing) regardless of the rating. Easier said than done in a lot of environments, I know, but if you don’t patch you’re asking for trouble.


Severity Ratings

Microsoft use the following system to rate the severity of each vulnerability. This information has been reproduced from the “Microsoft Security Response Center Security Bulletin Severity Rating System”, which you can find at:


We’ve added the “Color” column onto the end of the table so that you can tell at a glance what Severity Rating Microsoft have assigned to the software affected by each vulnerability.

Rating    | Definition | Color
Critical  | A vulnerability whose exploitation could allow the propagation of an Internet worm without user action. | Red
Important | A vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources. | Orange
Moderate  | Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation. | Green
Low       | A vulnerability whose exploitation is extremely difficult, or whose impact is minimal. | Black


Security Vulnerabilities by Number

The following is a list of Security Vulnerabilities issued year-to-date (dd/mm/yy) with the most recent first.

Patch No. | Title | Affects / Severity | Issued / Updated
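As an added example (not part of the original post), here is the matrix described above in Python: bulletins mapped onto the products they affect, newest bulletin first, with each row tagged "apply" or "review" according to the rating rule the post states. Every bulletin id, title, product and date is a constructed sample.

```python
"""Patch matrix for the post above: which bulletins hit which products and what
the post's rule says to do. Example code, not the blog's; all data is constructed."""
import re
from collections import defaultdict
# Rating -> (priority, color), straight from the severity table in the post.
SEVERITY = {"Critical": (0, "Red"), "Important": (1, "Orange"),
            "Moderate": (2, "Green"), "Low": (3, "Black")}
# Constructed sample bulletins: (id, title, {product: rating}, updated dd/mm/yy).
BULLETINS = [
    ("MS16-099", "Sample: browser cumulative update",
     {"Windows 7": "Critical", "Windows Server 2012": "Moderate"}, "09/08/16"),
    ("MS16-110", "Sample: kernel-mode driver update",
     {"Windows 7": "Important", "Windows Server 2012": "Important"}, "13/09/16"),
    ("MS16-101", "Sample: document viewer update",
     {"Windows Server 2012": "Low"}, "09/08/16"),
]

def bulletin_number(bid):
    """'MS16-105' -> (16, 105), so bulletins sort numerically, not as strings."""
    m = re.fullmatch(r"MS(\d{2})-(\d{3})", bid)
    if not m:
        raise ValueError(f"not a bulletin id: {bid!r}")
    return int(m.group(1)), int(m.group(2))

def build_matrix(bulletins):
    """product -> [(bulletin id, rating)], highest bulletin number first."""
    matrix = defaultdict(list)
    for bid, _title, affected, _updated in sorted(
            bulletins, key=lambda b: bulletin_number(b[0]), reverse=True):
        for product, rating in affected.items():
            if rating not in SEVERITY:  # a typo here would silently hide a patch
                raise ValueError(f"unknown rating {rating!r} in {bid}")
            matrix[product].append((bid, rating))
    return dict(matrix)

def action(rating):
    """Post's rule: Critical/Important -> apply ASAP; Moderate/Low -> read bulletin."""
    return "apply" if SEVERITY[rating][0] <= 1 else "review"

def worklist(matrix, installed):
    """Rows for the products you actually run: most severe first, then newest."""
    rows = [(p, bid, r, SEVERITY[r][1], action(r))
            for p in installed for bid, r in matrix.get(p, [])]
    rows.sort(key=lambda row: (SEVERITY[row[2]][0], tuple(-n for n in bulletin_number(row[1]))))
    return rows

if __name__ == "__main__":
    for row in worklist(build_matrix(BULLETINS), ["Windows 7", "Windows Server 2012"]):
        print("{:<20} {} {:<9} {:<6} {}".format(*row))
```

Products not in the `installed` list drop out of the worklist, which is the point of keeping a per-product matrix rather than a flat bulletin list.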

Sample – Asset Rating

Posted in Compliances (1300),Policies - Standards (600),Security (1500) by Guest on the September 3rd, 2016


This document provides guidelines and instructions that enable Symantec users or Technology Services Group members to develop, identify, evaluate and remediate system and application vulnerabilities in order to prevent a catastrophic systems failure.



This document defines accountability and a process that coordinates the patch and vulnerability management effort to include communication, documentation and reporting requirements. By adhering to the following guidelines, Symantec can reduce risks that can lead to adverse security incidents. The primary parties responsible for complying with these procedures include key Information Technology (IT) managers and Risk Management’s Information Security Officer (ISO).


Technical Impact 1 – 5: A measure of how important a device is to the communications of the network.

Threat 1 – 5: An activity that has the potential to cause harm to a computer or a network.

Vulnerability 1 – 5: A flaw, misconfiguration, or weakness that allows the security of the system to be violated.

Criticality 1 – 5: A measure of how important a system is to the organization’s mission.


1 – Lowest – no risk or does not apply
2 – Low risk – little or no impact
3 – Would cause damage
4 – Would cause serious damage
5 – Would cause exceptionally grave damage


Patch and Vulnerability Research Resources


This procedure was developed to identify and evaluate system and application vulnerabilities through research. This document defines accountability and a process that shows where to look for vulnerabilities that affect [Client] and how to access [Client]’s personalized resources. By adhering to the following guidelines, [Client] keeps abreast of new vulnerabilities, exploits, viruses and worms. The primary party responsible for complying with these procedures is the Risk Management’s Information Security Officer (ISO). Instructions for the frequency at which the ISO (or designee) should check these resources are listed below.


Source Documentation/Information

  • Cassandra Incident Response Database – A website developed by the Center for Education and Research in Information Assurance and Security (CERIAS). This site allows security professionals to build a profile that lists the vendors and operating systems that apply to their infrastructure. The site gets its information from the ICAT database maintained by NIST. This site is secured using 128-bit SSL encryption.

  • The Internet Storm Center – Supported by the SysAdmin, Audit, Network, Security Institute (SANS), a website that takes volunteered IDS logs from around the world (over 3 million) and makes the statistics available on the internet free of charge. This website is good for seeing what the top ten scanned ports are and the top ten IPs they are coming from.

  • CERT Current Activity – The CERT Coordination Center (CERT/CC) was formed by the Defense Advanced Research Projects Agency (DARPA) in November 1988 in response to the needs identified during an Internet security incident. The CERT/CC is part of the Networked Systems Survivability (NSS) Program at the Software Engineering Institute (SEI), Carnegie Mellon University. The primary goal of the NSS Program is to ensure that appropriate technology and systems management practices are used to resist attacks on networked systems, to limit damage and to ensure continuity of critical services in spite of successful attacks.

  • Secunia – The Secunia Security Advisories list is free and designed for the IT professional who wants one source of information about the latest software vulnerabilities and security fixes. This site ranks each vulnerability on a 1 – 5 scale. Outstanding site for justifying the need for patches or mitigation.

  • SecurityFocus BugTraq Vulnerability Forum – The Bugtraq forum is a site that lists all correspondence relating to vulnerabilities that may or may not be verified. There is a process once items are entered into the Bugtraq Forum where CERT reviews submitted issues, evaluates them and gives them a candidate number. After thorough evaluation, if the candidate is a true vulnerability, it will receive a CVE (Common Vulnerabilities and Exposures) designation.

  • Microsoft Security Notification Service – Microsoft TechNet offers the Microsoft Security Notification Service. These e-mail messages are geared toward IT professionals and contain in-depth technical information. Each notification states the date the problem was found, what the problem is and how to mitigate it. In many cases the bulletins list “Mitigating Factors” that may make the vulnerability non-applicable or may heighten the need for action. The bulletins also carry patch information: whether a patch is available, where to get it and what it does.

  • SANS NewsBites – SANS NewsBites is a weekly high-level executive summary of the most important news articles published on computer security during the last week. Each news item is very briefly summarized and includes a web reference for detailed information where possible. Spend five minutes per week to keep up with the high-level perspective on all the latest security news. Each issue is delivered weekly by e-mail, free.

  • ICAT Database – The ICAT Metabase is a searchable index of computer vulnerabilities. ICAT links users to a variety of publicly available vulnerability databases and patch sites. ICAT indexes the information available in CERT advisories, ISS X-Force, SecurityFocus, NTBugtraq, Bugtraq, and a variety of vendor security and patch bulletins. ICAT is maintained by the National Institute of Standards and Technology. The ICAT database uses the CVE naming standard.

Sample – Word – Microsoft Desktop Patching Policy

Posted in Policies - Standards (600) by Guest on the October 27th, 2015

Sample – Microsoft Desktop Patching Policy



Sample Word – Visio RSA – ESI Event Source Integration

Sample Word and Visio document download

RSA – ESI Event Source Integration




Sample Word – Clinical Access SSO Test Cases

Free Word document download

Clinical Access SSO Test Cases

