Posts by:

Maneesha Mariam

Preparation Phase, Identification Phase and Analyze Phase

Preparation Phase

The significance of adequately utilizing the preparation phase in respect of virtual patching can’t be overstated. Before dealing with a discovered vulnerability, or respond to a live web application intrusion, you have to take some actions to set up the virtual patching processes and frameworks. It is not the perfect time to be proposing the installation of a WAF or the concept of a virtual patch during the real-time compromise. Tension is high during real incidents and time is of the essence, so lay the foundation of virtual patching when the waters are calm and get everything in place and ready to go when an incident does occur. During real incidents, the tension is high and time is of the essence. Lay the base of virtual patching when everything is good enough and ready to take action if an issue occurs. 

Read more

Virtual Patching in Vulnerability Management

Virtual patching demands applying a layer of security policy that prevents and intercepts vulnerability exploitation. A productive solution requires the capabilities to analyze and block malicious activity from web-traffic, identify & prevent intrusions, prevent web application attacks, and flexible deploy on the cloud, or physical environments. Without pushing the critical system at risk, the patching solutions can also provide security administrators an opportunity to evaluate, analyze and plan official virtual patches.

Read more


Patch Management is a strategic process of acquiring, testing, and installing updated software. But, most of the companies find themselves comply less than strictly with their patching schedule. Customers can reduce risk while lengthening their patching cycles, helping their overtaxed IT departments, and reducing patching costs by simply applying this patch management strategy.

Read more

Common Roadblocks to Source Code Fixes

From the technical point of view, the initial mitigation strategy would be for an organization to rectify the discovered vulnerability within the source code of the web application. This is globally accepted by web application security experts and system owners. But nowadays, there arise many situations where modifying the source code of a web application is troublesome such as:

Read more

Advantages of Virtual Patching

Today’s systems can be considered as very advanced as well as complex, with multiple dependencies and interrelationships. It requires a lot of time to develop a fix and test it in operation. Implementation of a virtual patch does not modify the operation of the underlying application or the systems that interact with it. It is possible to run the patch in monitor mode to evaluate any potential impacts before turning on the blocking functions.

Read more