Today, 99.96% of active vulnerabilities in corporate endpoints are related to missing updates. If these updates were installed, they would greatly contribute to preventing security risks. In fact, according to Ponemon Institute,2 57% of victims of cyber attacks said that applying a patch would have prevented them from being attacked and 34% said that they knew about the vulnerability before the attack.
What’s more, 86% of vulnerabilities are due to unpatched third-party applications such as Java, Adobe, Firefox, Chrome, Flash, and OpenOffice, among others
IT IS TIME TO CHANGE THIS TREND WITH PANDA PATCH MANAGEMENT
Panda Patch Management is a user-friendly solution for managing vulnerabilities in operating systems and thirdparty applications on Windows workstations and servers. It reduces the attack surface, while at the same time strengthening your organization’s prevention and containment capabilities.
The solution does not require any new endpoint agents or management consoles, as it is fully integrated with all of Panda Security’s endpoint solutions.
It also provides centralized, real-time visibility into the security status of software vulnerabilities, missing patches, updates and unsupported (EOL) software, inside and outside the corporate network, as well as easy-to-use and real-time tools for the entire patch management cycle: from discovery and planning to installation and monitoring.
Vulnerability discovery is a long process. However, response must be immediate in the event of an incident.
Companies are decentralized, employees are not continuously connected to the corporate network. Onpremises VM tools do not cover these scenarios.
Most VM tools require another specific agent on endpoints that are already overloaded.
The Microsoft VM tool does not allow organizations to carry out centralized, unified updates of third-party applications.
Other security solutions that offer patch management do not correlate detection with vulnerable endpoints to speed up response and mitigation of the attack.
Within a single user-friendly solution, Panda Patch Management allows you to:
Audit, monitor and prioritize operating system and application updates. The single-panel view offers centralized, up-to-theminute and aggregated visibility into the security status of the organization with regard to vulnerabilities, patches and pending updates of systems and hundreds of applications.
Prevent incidents, systematically reducing the attack surface created by software vulnerabilities. Handling patches and updates with easy-to-use, real-time management tools that enable organizations to get ahead of vulnerability exploitation attacks.
Contain and mitigate vulnerability exploitation attacks with immediate updates. The Panda Adaptive Defense 360 console, in conjunction with Patch Management, allows organizations to correlate detected threats and exploits with vulnerabilities. Response time is minimized, containing and remediating attacks by immediately pushing out patches from the web console. Affected computers can be isolated from the rest of the network, preventing the attack from spreading.
Reduce operating cost:
Panda Patch Management does not require you to deploy new endpoint agents or update any existing agents, simplifying management and avoiding workstation and server overload.
Minimizes patching efforts as updates are launched remotely from the Cloud-based console. Additionally, installation is optimized to minimize errors.
Provides complete, immediate visibility into all vulnerabilities, pending updates and EOL3 applications immediately after activation.
Comply with the accountability principle, integral to many regulations (GDPR, HIPAA and PCI). This forces organizations to take the appropriate technical and organizational measures to ensure proper protection of the sensitive data under their control.
Panda Patch Management provides all necessary tools to manage the security and updates of the operating system and third-party applications from a single console:
Single-panel view with real-time information of all vulnerable computers, pending patches and unsupported (EOL) software, with their remediation status.
Detailed information about pending patches and updates, details of relevant security bulletins (CVE), as well as computer and computer group information, and more. Available actions:
Filter and search for patches based on criticality, computer, group, application, patch, CVE and status.
Ability to take actions directly on computers: restart, install now or schedule.
Unattended scanning for pending updates, in real time or at periodic intervals (3, 6, 12 or 24 hours).
Notification of pending patches in exploit detections. Ability to launch installations immediately or schedule them from the console, isolating the computer if required.
Patch and update planning and installation tasks:
Configurable by criticality.
On specific endpoints and groups.
Immediate, scheduled for one-time execution or for repeated execution at regular intervals (date/time).
Ability to control computer restarts and set exceptions.
Rollback to uninstall a patch that may cause an unexpected conflict with an existing configuration.
Endpoint and update status monitoring via:
Dashboard and actionable lists.
High-level and detailed reports.
Lists of updated computers, computers with pending updates with errors.
Granular management based on groups and roles with different permissions:
Role-based visibility into vulnerable computers, patches and Service Packs.
Centralized control over updates, patches and software:
Ability to disable Windows Update and centrally manage operating system updates.
Ability to exclude specific patches by version and by type.