The average time to identify security incidents and vulnerabilities in the enterprise is over 200 days and the average time to contain/remediate incidents is over 60 days.1 In fact, 1 in 10 Enterprises take a year or more to deploy Windows patches affecting most or all of their endpoints.2 With Microsoft releasing over 700 vulnerabilities last year, things aren’t getting easier. Windows patch management continues to be one of the most complex aspects of managing and configuring PCs in the enterprise. Windows as a Service was introduced to make patching simpler in the Windows 10 operating system; however, the approach is far from perfected, putting organizations at risk from known security vulnerabilities and in constant react mode. Having visibility and automating patch remediation is not only critical in alleviating patch management complexity, but also helps IT proactively manage security vulnerabilities.
Just last August at VMworld 2018, we introduced a new concept to help IT with exposure to security risk associated with patch management based on Windows 10 CVEs (common security vulnerabilities and exposures). By leveraging CVE integration with our Workspace ONE Unified Endpoint Management platform and Workspace ONE Intelligence service, IT can take advantage of proactively managing security vulnerabilities with automated patch remediation based on a CVE risk profile. We highlight a tech preview of this capability in the January 2019 releases update of our Workspace ONE Intelligence Series.
Watch – Workspace ONE Intelligence Series Episode 5
In this episode, we take a look at how CVE feed data is aggregated from the NIST National Vulnerability Database into Workspace ONE Intelligence. This data helps Workspace ONE Intelligence correlate CVEs and risk score (known as CVSS or Common Vulnerability Scoring System) to Knowledge Base (KB) entries, helping identify devices that are vulnerable to critical CVEs. Getting this type of visibility in Workspace ONE Intelligence then allows IT to be proactive in setting up patch automations instead of reacting to patches that failed to install or are missing. We also demo new report templates related to CVE and Windows 10 OS updates.
Utilizing CVE data is just one of the many security innovations we’ve been working on in Workspace ONE Intelligence. We showcased these enhancements last week at the RSA conference and are excited to continue to update Workspace ONE Intelligence to provide even more value to our customers. Stay tuned for the next episode of the Workspace ONE Intelligence Series and for more information on Workspace ONE Intelligence, visit http://vmware.com/go/intelligence.
1. VMware’s Move to a Digital Workspace White Paper, January 2017, VMware
2. Inner Circle Modern Management Research, August 2018, VMware