One core belief in the Options’ security team is that in many cases, the risk presented by an exploit is proportional to the square of the time required to address it. If a system can be patched within hours of an exploit being accounted, that risk can be dramatically reduced, whereas the potential impact grows exponentially with each additional day that passes.
We continuously run drills focussed on rapid mitigation. Practice makes perfect. Last week the team reacted to the Exchange Marauder at breakneck speed, patching our global Exchange infrastructure overnight on March 2nd. Read our response here.
Yesterday saw the next live drill. This time was F5, a leading provider of web-facing solutions used by 48 of Fortune 50 companies, that’s in the spotlight.
Yesterday F5 announced 21 vulnerabilities – of which 7 have been singled out for urgent attention.
Options know time is of the essence with security announcements, the sooner a vulnerability is known about, the sooner action can be taken, and the less opportunity there is for hackers to exploit.
Highlights:
Notification: | 14:45 Wednesday, March 10th | ||
Patching Commenced: | 15:00 Wednesday, March 10th | ||
Estate Patched: | 05:00 Thursday, March 11th | ||
Impact: | Zero impact/downtime |
N.B: All times ET
To learn more about Options Managed Security offering click here.
John Gracey
Options Chief Security Officer