Missed patch caused Equifax data breach

Re: Architectural issues as well?

A combination of architecture and policies could absolutely enable a company to patch many, if not most, critical vulnerabilities in very little time.

To illustrate, I was able to patch for Heartbleed and POODLE in less than a day because a) the right architecture was in place (F5 BIG-IPs front-ending all public-facing entry points) and b) the execs had my back and supported the right policies.

To contrast, my bank (one of the top three in size in the USA) took almost a year to patch some of these high-sev vulnerabilities.

By the way, let's stop calling F5 BIG-IPs "load balancers" - they're Application Delivery Controllers (ADCs). Balancing the load is but one of their many features. Why is this important? F5 gear is expensive and there are plenty of lower-cost (or even 'free') load balancers out there. Why pay for F5 LBs if you can use AWS ELBs for 'free'...? Execs, PMs, Business Units, and Developers usually don't know the difference and have no idea what functionality they're giving up...

Biting the hand that feeds IT © 1998–2019