The National Cybersecurity Center of Excellence (NCCoE) is seeking public comments on two draft publications about enterprise patch management.
The first draft document titled Guide to Enterprise Patch Management Planning: Preventive Maintenance for Technology calls for the development of an enterprise strategy to simplify patching and improve risk reduction, the National Institute of Standards and Technology said Wednesday.
The second draft publication presents an example demonstrating how organizations can use tools to implement patching capabilities needed for emergency and routine patching conditions.
The draft document titled Improving Enterprise Patching for General IT Systems: Utilizing Existing Tools and Performing Processes in Better Ways also suggests workarounds and other alternatives to patching.
Comments on the draft publications are due Jan. 10th.