Security software makers SecureWave and PatchLink announced a new partnership on Aug. 14 through which they will offer a single enterprise product meant to help ease companies work in delivering updates to endpoint devices.
As companies struggle to ensure that all of their PCs and other systems have been patched with the latest security updates distributed by companies like Microsoft, which addressed over a dozen problems in its Windows and Office products in early August, there is a growing demand for technologies that integrate systems monitoring and patch automation, according to the security vendors.
By combining their respective tools, customers will be able to identify potential vulnerabilities and distribute any necessary security updates with greater speed and accuracy, company officials said.
Specifically, the partners said that customers using the combined technologies will be able to automate updates to the white list of SecureWaves Sanctuarys application by incorporating patches and other updates directly from PatchLinks PLUS (PatchLink Update Server) system.
In addition to supporting Microsoft operating systems, and the firms Windows Update Server, the combined product will also cover Novell software and updates.
Through its ability to monitor for missing patches and remediate any issues, the product also promises to help provide regulatory compliance and IT governance by eliminating a hackers ability to replace patched files that have known security holes.
In addition, administrators can audit systems for blocked access attempts with removable media devices, including finding out what data was sought in such efforts, and by whom.
Company officials said that the move to combine the security vendors products is also driven by the increasing size of their respective customers.
As they deal with larger companies, the ability to pull tools together on a more fundamental level is critical to winning acceptance, said Dennis Szerszen, vice president of corporate strategy at SecureWave, Herndon, Va.
“As we move up the food chain, its inevitable that we run into other vendors like this where it makes a lot of sense to partner closely, there are needs around mitigating risk and handling volume that we can help here,” Szerszen said.
“Microsoft patches alone have overburdened IT administrators and their systems for handling patching.”
According to analysts at Boston-based Yankee Group, its takes an average of 13 days for large enterprises to address all their devices when a major security patch is distributed, and even longer within smaller organizations.
The growing frequency of so-called zero day attacks that seek to maximize attacks on new vulnerabilities has made the situation untenable for IT executives, according to the software makers.
“This gives companies the ability to lock down the desktop and still do all the patching they need to do, which is something were being asked for all the time,” said Chris Andrew, vice of security technologies at PatchLink.
“Protecting the desktop internally has a very useful function on its own, but it still leaves systems vulnerable to external penetrations; if you can add patch management into the picture, and lower the amount of time companies are exposed to threats, you have a much better chance of maintaining endpoint security.”