Tech

NIST guides tackles managing computer patches

October 10, 2012

2012_07_nist

The National Institute of Standards and Technology has published for public comment a revised draft of its guidance for managing computer patches.

The previous version, issued as Creating a Patch and Vulnerability Management Program (NIST Special Publication 800-40), was written when such patching was done manually.

The guide has been updated for the automated security systems now in use, such as those based on NIST’s Security Content Automation Protocol.

The guide provides recommendations that organizations should implement to improve the effectiveness and efficiencies of their enterprise management technologies. Organizations should:

deploy enterprise patch management tools using a phased approach,
reduce the risks associated with enterprise patch management tools by applying standard security techniques that should be used when deploying any enterprise-wide application, and
balance security needs with their usability and availability needs.

Comments on the draft should be submitted by Oct. 19, 2012, to 800-40comments@nist.gov with the subject “SP 800-40 Comments.”

More Scoops

President Joe Biden signs the CHIPS and Science Act during a ceremony on the South Lawn of the White House on Aug. 9, 2022 in Washington, D.C. (Photo by Chip Somodevilla/Getty Images)

NSF, NIST appropriations cuts met with disappointment as Biden seeks increases

While the National Science Foundation, National Institute of Standards and Technology, and other key CHIPS Act agencies would see boosts under Biden’s request, it still falls short…

By Madison Alder

President Joe Biden discusses his administration’s plans for managing artificial intelligence risks during an event in San Francisco on June 20, 2023. (Photo by Andrew Caballero-Reynolds / AFP via Getty Images)

From research to talent: Five AI takeaways from Biden’s budget

By Madison Alder

Sen. Mark Warner, D-Va., arrives for a hearing at the Hart Senate Office Building on Sept. 19, 2023 in Washington, D.C. (Photo by Kevin Dietsch/Getty Images)

Senate bill calls on NIST to boost work on emerging tech standards

By Matt Bracken

NIST guides tackles managing computer patches

More Like This

Federal CIO calls on Congress to fund Technology Modernization Fund

DOJ ‘not aware of any’ identity theft, fraud following consultant’s data breach

Commerce adds five members to AI Safety Institute leadership

Top Stories

Congressional panel outlines five guardrails for AI use in House

With 2023 tax season in the rearview, IRS commissioner eyes expansion of AI capabilities

CMS’s financial office is using LLM pilot to combat loss of institutional knowledge

Top public sector takeaways from Google Cloud Next 2024

Commerce requests information about AI, open data assets, data dissemination

Kiran Ahuja to step down as OPM director

More Scoops

NSF, NIST appropriations cuts met with disappointment as Biden seeks increases

From research to talent: Five AI takeaways from Biden’s budget

Senate bill calls on NIST to boost work on emerging tech standards

Updated NIST cybersecurity framework adds core function, focuses on supply chain risk management

Bipartisan Senate proposal calls for AI workforce framework from NIST

New legislation would give NIST drone cybersecurity responsibilities

Raimondo announces picks for U.S. AI Safety Institute’s director, CTO

Latest Podcasts

NIST guides tackles managing computer patches

Darryl Peek on Elastic’s role in enhancing public sector search and data analytics with AI and Google collaboration

Danny Werfel on How Automation has Enhanced his Agency’s Operations.

ManTech leaders discuss innovation and security with Google technologies

Tech

Defense

Cyber

Acquisition