Automated Patch Management and Vulnerability Assessment Tool

Abstract

The exploitation of vulnerabilities is one of the most common ways for cybercriminals to infect computers now a days. A security vulnerability is a weakness in a software program that could allow an attacker to compromise the integrity, availability or confidentiality of that product and Patches are additional pieces of code developed to address problems in a software. Patches enable additional functionality or address security flaws within a program. Even though patches are released daily it is quite difficult even experienced system administrators to keep abreast of all the new patches and ensure proper deployment in a timely manner. Most major attacks in the past few years have targeted known vulnerabilities for which patches existed before the outbreaks. So the automating the patch management and vulnerability assessment is the best practise to proactively prevent the exploitation of software vulnerabilities that exist within an organization’s computer infrastructure. It is true that there are number of patch management and vulnerability assessment tools available in the market freely as well as commercially. But no one have a deep understanding of how those products are functioning and operating on their IT infrastructure. In this project it have discussed a way to developing an own patch management and vulnerability assessment tool by using freely available public vulnerability databases, tools, resources and the knowledge. Further a deep study has been done in the domain of patch management and vulnerability assessment by reviewing freely and commercially available patch management and vulnerability assessment tools.