HP OSMS white paper: Security of Open Source Middleware Stacks
amount of time. This period is continually shrinking, with time from the announcement to the time of
discovering an exploit typically being less than one day, as shown in Figure 5. This grants crackers the
luxury of not searching for vulnerabilities themselves; they can rely on the computer security infrastructure
to inform them of the best targets.
The following three figures represent the vulnerability lifecycle, which is a depiction of the risks a single
system faces over time due to a single vulnerability. The goal of security is to reduce the length of time a
system is exposed to a risk, and to reduce the degree of the risk it is exposed to. Figure 5 represents the system
risks over time for an unmitigated system, one that has not been hardened or had security patches promptly
applied. Figure 6 represents the reduction of system exposure time due to the prompt application of
security patches. Figure 7 represents the reduction of system risk from carefully hardening the system
configuration.
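The two levers described above (shortening the exposure window by patching promptly, and lowering the degree of risk by hardening the configuration) can be expressed as a simple per-day exposure model. The following is an added example and not code from the HP white paper; the disclosure, exploit and patch dates, the horizon, the two risk levels and the hardening factor are all constructed assumptions chosen to mirror the three figures (unmitigated, timely patched, hardened), including an exploit appearing one day after disclosure.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional, Tuple

# Assumed risk levels for a disclosed vulnerability on a stock configuration:
# some risk as soon as it is announced, full risk once a working exploit exists.
RISK_BEFORE_EXPLOIT = 0.3
RISK_AFTER_EXPLOIT = 1.0


@dataclass
class Scenario:
    """One system's handling of one vulnerability (all dates are constructed)."""
    name: str
    disclosed: date                  # public announcement of the vulnerability
    exploit_available: date          # first day a working exploit is circulating
    patched: Optional[date]          # day the fix was applied; None = never patched
    hardening_factor: float = 1.0    # 1.0 = stock config; lower = hardened config


def daily_risk(s: Scenario, day: date) -> float:
    """Risk level the system carries on a given day; 0.0 once patched."""
    if day < s.disclosed:
        return 0.0
    if s.patched is not None and day >= s.patched:
        return 0.0
    base = RISK_BEFORE_EXPLOIT if day < s.exploit_available else RISK_AFTER_EXPLOIT
    return base * s.hardening_factor


def exposure(s: Scenario, horizon: date) -> Tuple[int, float]:
    """Return (days exposed, cumulative risk) from disclosure until patch or horizon.

    Days exposed is the width of the window in Figures 5/6; cumulative risk is
    the area under the risk curve, which hardening (Figure 7) shrinks without
    changing the window's width.
    """
    days, total = 0, 0.0
    day = s.disclosed
    while day < horizon:
        r = daily_risk(s, day)
        if r > 0:
            days += 1
            total += r
        day += timedelta(days=1)
    return days, total


# Constructed timeline: disclosed 1 March, exploit one day later, 30-day horizon.
DISCLOSED = date(2024, 3, 1)
EXPLOIT = date(2024, 3, 2)
HORIZON = date(2024, 3, 31)

UNMITIGATED = Scenario("unmitigated", DISCLOSED, EXPLOIT, patched=None)
TIMELY_PATCHED = Scenario("timely patched", DISCLOSED, EXPLOIT, patched=date(2024, 3, 4))
HARDENED_AND_PATCHED = Scenario("hardened + patched", DISCLOSED, EXPLOIT,
                                patched=date(2024, 3, 4), hardening_factor=0.4)
SCENARIOS = [UNMITIGATED, TIMELY_PATCHED, HARDENED_AND_PATCHED]


def compare(scenarios=SCENARIOS, horizon: date = HORIZON) -> dict:
    """Map scenario name -> (days exposed, cumulative risk) for side-by-side review."""
    return {s.name: exposure(s, horizon) for s in scenarios}


if __name__ == "__main__":
    for name, (days, risk) in compare().items():
        print(f"{name:20s} exposed {days:2d} days, cumulative risk {risk:5.2f}")
```

Run as a script it prints one line per scenario; the unmitigated system stays exposed for the whole 30-day horizon, prompt patching cuts that to 3 days, and hardening leaves the 3-day window unchanged but scales the accumulated risk down by the hardening factor.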
Figure 5 Threat Risks to Unmitigated System
Figure 6 Threat Risks to Timely Patched System