Software maintenance has a cybersecurity aspect. One of the most proactive steps a company can take to reduce exploitation from cyber threats is to patch published vulnerabilities in software and systems in a timely matter. This is critical to maintaining the operational confidentiality, integrity, and availability of information technology (IT) and operational technology (OT) systems.
However, a maritime cybersecurity firm found that 37% of ship servers running Microsoft had not been patched and were vulnerable to attacks1. Patch management can prove to be a time-consuming, costly, and labor-intensive process. Many maritime companies have systems in isolated, low-bandwidth environments, and must verify that patches do not negatively impact functionality and operational capability of critical systems.
VulnX is a cloud-based, automated patching and vulnerability remediation solution used to secure networks and suit the dynamic needs of companies within the maritime industry. With VulnX, you gain a holistic view of your organization’s security posture and reduce vulnerability risks all while maintaining integrity of critical operations.
Address security, functional, and programmatic related issues in software and firmware to significantly reduce the opportunities for exploitation across the entire network. VulnX delivers identification and notification of the latest patch vulnerabilities across multiple platforms and applications. It supports security and non-security patches to Microsoft Operating Systems and third party applications.
Cloud-based capabilities are scalable and enable VulnX’s services to be available in any size or type of environment. VulnX works in the background of critical mission planning operations, and has the appropriate mechanisms to account for low bandwidth and connectivity loss. Automated execution minimizes the risk for user error, and lowers overall administrative burden.
Secure Baseline Management
Ensures that your system and endpoints are current, secure, and complaint with your baseline profile and policies. VulnX creates continuous policy enforcement through the creation of baselines for whole system remediation as well as sub-baselines that define patches for operating systems, applications, or different hardware specifications. These baselines enforce policy-based installation of new and updated software packages. Additionally, VulnX’s use of data persistence allows for preservation of data before any patch or software update is applied.
VulnX’s scanning capabilities determine if systems have been configured and comply in accordance to set baselining. Its server management interface provides the ability to view, log, and assess system compliance in real-time from any remote location. Easily generate compliance reports for a specific baseline and/or sites to identify software anomalies. In addition, VulnX is tailorable to meet custom requirements for compliance or functionality purposes. Meet compliance and regulatory standards, mitigate lost opportunities, and reduce the risk of legal and financial penalties.
Gain a thorough view of your entire system with rich reporting capabilities, including compliance reports and a range of report export and upload options. Generate reports summarizing latest patch activity for a specific site or the entire system, success/failure of downloads, installations, and compliance status.
VulnX’s intuitive and responsive interface creates an optimal end-user experience while its server management interface provides system compliance monitoring and custom data provisioning in real-time.
Interested in learning more? Contact Gnostech today to learn more about implementing VulnX in your maritime operation.
1 Chamber, Sam. “Lack of patching leaves maritime sites open to remote control risk.” Splash24/7. Posted May 4, 2015, http://splash247.com/lack-of-patching-leaves-maritime-sites-open-to-remote-control-risk/.