What is compliance?
• All enterprises must meet IT Security compliance
• Compliance is dictated by the Information Security
• Compliance can be all-encompassing, and we will
discuss portions of it over the next couple of weeks
• This week we will be concentrating on Software
What is software compliance?
• Software compliance can include many items
– Hardening servers
– Ensuring Antivirus products are installed
– Installing updates to fix vulnerabilities
– Mitigating vulnerabilities that don’t have patches
– Risk Management
What are software updates?
• Software updates (or patches) are provided
by the vendor to fix vulnerabilities (and often bugs)
• Some examples of providers are Microsoft,
Oracle (Java), Adobe, Linux distributions, etc.
• Vulnerabilities are weaknesses in an
operating system or software product that
could expose it to attackers, viruses, malware,
How would these updates be applied?
• Updates should be applied as soon as they are
• Vulnerabilities that are listed with a high rating
should be patched first
• In the case of Windows, these
updates/patches would be applied using a
WSUS server or the Windows Update client
• For other providers such as Java, the updates
would be downloaded from the vendor's own website
(not from a third-party mirror)
How are Vulnerabilities Rated?
• If you would like to understand the ratings of
vulnerabilities, you can do some reading on
• Vulnerabilities are rated using CVSS (the Common
Vulnerability Scoring System), which is as widely accepted
for severity as ITIL is for service management
• A CVSS base score measures severity, not the risk to
your environment, so use it to prioritise patching rather
than as the only input to the decision
• More information on CVSS can be found here:
– I will place the pdf guide on Blackboard as well
How does this all apply to this class?
• Updates/patches will usually be applied by the 3rd-
level development team
• After applying updates they can run a scan using a tool
such as “Microsoft Baseline Security Analyzer
(MBSA)” to double check that the updates completed
(http://technet.microsoft.com/en-us/security/cc184923). Microsoft has
since retired MBSA, but any vulnerability scanner can fill this step. This is called a
• It is important to double check the work, ensure it
• After confirming all updates/patches have completed
successfully, the applications the users need are
tested to ensure they still function the same
• This goes back to last week, where the 3rd-level team installs
and then hands over to a QA tester to confirm functionality
• Updates/patches can sometimes cause major issues for
applications, especially in-house
• After all testing has completed and functionality is
confirmed, the updates/patches are rolled out to all the
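The "double check the work" step above is the one people skip. The script below is an added example (not from the lecture, WSUS or MBSA) of what that check looks like when you do it yourself: it compares the hotfixes a host reports against the list approved for the rollout. It assumes the host inventory was exported with `Get-HotFix | Export-Csv hotfixes.csv -NoTypeInformation`; the CSV text, the approved list, the KB numbers and the supersedence map are all constructed sample data. The supersedence map matters because an approved KB that is "missing" is not a gap if a newer cumulative update that replaces it is installed, which is exactly the case a naive set difference gets wrong.

```python
"""Post-patch verification against the approved KB list (added example).

Assumed input: a Get-HotFix CSV export from the target host. All KB numbers,
the approved list and the supersedence data are constructed sample data.
"""
import csv
import io
import re

# Constructed sample export; real Get-HotFix output has these column headers.
HOST_EXPORT = """\
"Source","Description","HotFixID","InstalledBy","InstalledOn"
"WS01","Security Update","KB4900300","NT AUTHORITY\\SYSTEM","4/14/2021 12:00:00 AM"
"WS01","Update","KB4900250","NT AUTHORITY\\SYSTEM","3/10/2021 12:00:00 AM"
"WS01","Security Update","kb4900200","CORP\\patchadmin","2/9/2021 12:00:00 AM"
"""

# KBs approved for this rollout (constructed; in practice the WSUS approval list).
APPROVED = ["KB4900300", "KB4900200", "KB4900100", "KB4900050"]

# Constructed supersedence data: newer cumulative update -> older KBs it replaces.
SUPERSEDES = {"KB4900300": {"KB4900200", "KB4900100"}}

KB_RE = re.compile(r"^KB\d{6,7}$")


def normalise_kb(raw: str) -> str:
    """Canonical 'KB' + digits; tolerates 'kb4900200', '4900200' and whitespace."""
    kb = raw.strip().upper()
    if not kb.startswith("KB"):
        kb = "KB" + kb
    if not KB_RE.match(kb):
        raise ValueError(f"not a KB identifier: {raw!r}")
    return kb


def installed_kbs(export_csv: str) -> set:
    """Set of KB ids found in a Get-HotFix CSV export."""
    reader = csv.DictReader(io.StringIO(export_csv))
    if "HotFixID" not in (reader.fieldnames or []):
        raise ValueError("CSV does not look like a Get-HotFix export (no HotFixID column)")
    return {normalise_kb(row["HotFixID"]) for row in reader}


def verify_rollout(export_csv: str, approved: list, supersedes: dict):
    """Return (missing, covered_by).

    missing    - approved KBs neither installed nor superseded by an installed KB
    covered_by - {approved_kb: installed_newer_kb} for KBs satisfied by supersedence
    """
    installed = installed_kbs(export_csv)
    # Only a superseding update that is actually installed counts as coverage.
    superseded_by = {}
    for newer, olders in supersedes.items():
        if newer in installed:
            for old in olders:
                superseded_by[old] = newer
    missing, covered_by = [], {}
    for kb in map(normalise_kb, approved):
        if kb in installed:
            continue
        if kb in superseded_by:
            covered_by[kb] = superseded_by[kb]
        else:
            missing.append(kb)
    return sorted(missing), covered_by


if __name__ == "__main__":
    missing, covered = verify_rollout(HOST_EXPORT, APPROVED, SUPERSEDES)
    for kb, newer in covered.items():
        print(f"{kb}: not present, but superseded by installed {newer}")
    for kb in missing:
        print(f"{kb}: MISSING - do not sign off this host")
    print("PASS" if not missing else "FAIL")
```

Run it over each host's export before the QA tester gets the hand-off; a host that reports a genuinely missing KB goes back to the 3rd-level team, not forward to QA.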
Can things go wrong?
• Yes! Often when everything gets rolled out
many issues occur
• When these issues occur the users will call into
the service desk; this would be considered a
• A problem record would then be raised for
investigation by the 3rd-level team, and a known
error record would follow soon after
• An update may be rolled back if it has a major
impact on users
• I want to familiarize you with some of the tools
used for this whole process
• We will be working with:
– A WSUS Server
– Microsoft Baseline Security Analyzer (MBSA)
– Retina VA scanner
– Spiceworks Tickets (of course)
• Since we can’t simulate a major failure, let’s learn
about how to use some of these tools
Open mylm and clone the following to your
workspace and we will begin simulation: