PROTECT

lock icon

ORIGINA'S VULNERABILITY ADVISORIES

A VULNERABILITY IS A WEAKNESS OR FLAW IN COMPUTER SOFTWARE THAT CAN BE, AND OFTEN IS, EXPLOITED BY A THREAT ACTOR.

Vulnerabilities can occur because of mistakes in the code development process or because of configuration weaknesses in the installed environment.

All computer systems have vulnerabilities. If you do not address them, vulnerabilities can have an adverse effect on software performance and provide threat actors with an opportunity to exploit the weakness.

The Common Vulnerabilities and Exposures (CVE) list, https://cve.mitre.org/cve, publishes and categorizes publicly disclosed security vulnerabilities and exposures in computer software. 

Vulnerability Advisories

The list was established In 1999 by the MITRE Corporation, a nonprofit organization that is sponsored by the National Cyber Security Division of the US Department of Homeland Security.

When a new vulnerability is discovered by security researchers, it is added to the CVE list so that vendors and organizations can protect their products and systems. In most cases, the software vendor releases a software patch or fix to address the vulnerability. Under a process called Responsible Vulnerability Disclosure (RVD), vendors are informed about vulnerabilities in advance of publication. There is no requirement on vendors to develop a timely software fix and, meantime, you remain vulnerable to the risk.

Vulnerability solutions take time to develop and there is no guarantee that a vendor will provide a security fix for a vulnerability, especially if the software version is designated as End of Support (EoS).

ORIGINA’S VULNERABILITY ADVISORY SERVICE

When your organization moves your IBM software support to Origina, you are entitled to all software patches and fix packs that were released until your support agreement with IBM expires. However, you are not entitled to patches for vulnerabilities that are released after the expiry of your IBM S&S agreement. Origina’s Vulnerability Advisory service monitors IBM security bulletins and responds with pragmatic solutions that mitigate the threat of the vulnerability.

HOW DO VULNERABILITY ADVISORIES WORK?

When IBM publishes a new security bulletin for an IBM software product, if the vulnerability is critical, Origina’s independent Global IBM Experts and cybersecurity teams collaborate to write a vulnerability advisory.

The potential risk of a vulnerability is assessed according to three primary factors:

EXISTENCE

ACCESS

EXPLOIT

The existence of a known vulnerability in the software product
The possibility that a threat actor could gain access to the vulnerability
The capability of the threat actor to take advantage of the vulnerability

Our experts focus on the access and exploit characteristics of each vulnerability so that they can identify the appropriate mitigating solution.

Origina sets out all the critical threat intelligence relating to the vulnerability of software that we support in one central location to help you to respond to vulnerabilities quickly and effectively. Each vulnerability advisory includes the severity score, lists the affected product versions, and characterizes the type of weakness it represents.

The Vulnerability Advisory service also offers recommended solutions for how to prevent exposure. These solutions take many forms, including:

Origina provides you with a monthly digest that links to a secure portal where we post summaries all new vulnerability advisories.

Origina’s Vulnerability Advisory service ensures that you are always notified of new critical security threats facing your IBM software, along with solutions to mitigate threats, regardless of which product version you are using.

Support doesn’t necessarily end when we notify you of vulnerabilities and solutions. Unlike vendor-supplied software support, as an Origina customer, you can draw upon the experience of our independent Global IBM Experts to implement the recommended solution for you.

PROTECTED FROM START TO FINISH

Because we provide full support for all IBM software product versions, from the latest version to versions that are designated as end-of support by IBM, you receive hands-on and close support to protect your software for the duration of your contract with Origina. Moreover, if you deploy patches or solutions that Origina creates, you receive a perpetual right to use them even if you do end your support with Origina in the future.

Vulnerability Advisory Features:

get better software support for your business

See how much you could save by switching to Origina

Work With us