ORIGINA'S VULNERABILITY ADVISORIES
A VULNERABILITY IS A WEAKNESS OR FLAW IN COMPUTER SOFTWARE THAT CAN BE, AND OFTEN IS, EXPLOITED BY A THREAT ACTOR.
Vulnerabilities can occur because of mistakes in the code development process or because of configuration weaknesses in the installed environment.
All computer systems have vulnerabilities. If you do not address them, vulnerabilities can have an adverse effect on software performance and provide threat actors with an opportunity to exploit the weakness.
The Common Vulnerabilities and Exposures (CVE) list, https://cve.mitre.org/cve, publishes and categorizes publicly disclosed security vulnerabilities and exposures in computer software.
The list was established In 1999 by the MITRE Corporation, a nonprofit organization that is sponsored by the National Cyber Security Division of the US Department of Homeland Security.
When a new vulnerability is discovered by security researchers, it is added to the CVE list so that vendors and organizations can protect their products and systems. In most cases, the software vendor releases a software patch or fix to address the vulnerability. Under a process called Responsible Vulnerability Disclosure (RVD), vendors are informed about vulnerabilities in advance of publication. There is no requirement on vendors to develop a timely software fix and, meantime, you remain vulnerable to the risk.
Vulnerability solutions take time to develop and there is no guarantee that a vendor will provide a security fix for a vulnerability, especially if the software version is designated as End of Support (EoS).
ORIGINA’S VULNERABILITY ADVISORY SERVICE
HOW DO VULNERABILITY ADVISORIES WORK?
When IBM publishes a new security bulletin for an IBM software product, if the vulnerability is critical, Origina’s independent Global IBM Experts and cybersecurity teams collaborate to write a vulnerability advisory.
The potential risk of a vulnerability is assessed according to three primary factors:
The existence of a known vulnerability in the software product
The possibility that a threat actor could gain access to the vulnerability
The capability of the threat actor to take advantage of the vulnerability
Our experts focus on the access and exploit characteristics of each vulnerability so that they can identify the appropriate mitigating solution.
Origina sets out all the critical threat intelligence relating to the vulnerability of software that we support in one central location to help you to respond to vulnerabilities quickly and effectively. Each vulnerability advisory includes the severity score, lists the affected product versions, and characterizes the type of weakness it represents.
The Vulnerability Advisory service also offers recommended solutions for how to prevent exposure. These solutions take many forms, including:
Origina provides you with a monthly digest that links to a secure portal where we post summaries all new vulnerability advisories.
Origina’s Vulnerability Advisory service ensures that you are always notified of new critical security threats facing your IBM software, along with solutions to mitigate threats, regardless of which product version you are using.
Support doesn’t necessarily end when we notify you of vulnerabilities and solutions. Unlike vendor-supplied software support, as an Origina customer, you can draw upon the experience of our independent Global IBM Experts to implement the recommended solution for you.
PROTECTED FROM START TO FINISH
Vulnerability Advisory Features:
get better software support for your business
See how much you could save by switching to Origina