Issue No. 01 - January/February (2003 vol. 20)
<p>Effective security patch management is critical to defending against Internet-based attacks. Despite its importance, surprisingly little has been written on the processes that organizations use to implement patch management. This article examines eight key practices intrinsic to effective, systematic, and repeatable patch management and proposes performance measures for evaluating it. The authors derived these key practices from industry pilot projects for improving patch management.</p>
R. A. Small and B. Brykczynski, "Reducing Internet-Based Intrusions: Effective Security Patch Management," in IEEE Software, vol. 20, no. , pp. 50-57, 2003.