Patch management vendor Patchlink today announced a licence agreement with RSA Security for BSafe encryption in an attempt to combat what it regards as the biggest threat to enterprise security today: internal users.
Patchlink security technology vice president Chris Andrew said encrypting the vulnerability status of patched and unpatched machines is integral to stopping insiders from learning too much about the security status of the network they are using.
Andrew stressed there have been no exploits as yet of the communication between the Patchlink agent and server, but added that enterprise network vulnerability status is critical information and should ideally be protected.
"Patch management systems gather sensitive information on the network and inventory, and are constantly gathering information about patch vulnerabilities. In the world of insider threats the best information is which systems on the network can be exploited; then someone can find other vulnerable systems," Andrew said.
"Many systems being patched have critical customer data and by making all communications fully encrypted we can guarantee patching is done securely. Frequently customers have become more concerned about external machines, but in 2006 the environment is changing as people are looking at threats from the inside because it has become a more important threat vector.
"We are the first patch management company licensing strong encryption for use inside our product ... we are using a Web-based delivery system to download encrypted patch data, and the OEM licence with RSA Security allows us to deliver encryption to all customers as a free upgrade to existing subscribers."
Andrew said the near future for Patchlink will concentrate on integrating a network scanner with the patch management system so IT managers and network security employees can conduct an internal penetration test to automatically find any network holes or vulnerabilities caused by an unpatched system.
"We (Patchlink) are looking at introducing the idea of a penetration test tool from inside the network ... not an awful lot of products out there have a scanner integration model, and we are pushing the idea of using a 'check and balance' integrated system so a network scanner can correlate results; if there are any discrepancies for vulnerabilities a red flag will go off."
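The "check and balance" idea Andrew describes is a reconciliation step: the patch management system's view of each host (which patches its agent reports installed or missing) is compared with what an independent scanner actually observes, and any disagreement is flagged for a human. The example below is an added illustration of that logic, not Patchlink code; the record formats, the `reconcile` function, its discrepancy categories and all sample host names and patch identifiers are constructed for illustration.

```python
"""Reconcile patch-management inventory against independent scanner
findings and raise a flag on every discrepancy.

Added example, not PatchLink code. Record layouts, field names and the
sample data below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class PatchRecord:
    """What the patch-management agent reports for one host/patch pair."""
    host: str
    patch_id: str      # constructed placeholder bulletin id, e.g. "KB-EXAMPLE-001"
    status: str        # "installed" or "missing"


@dataclass(frozen=True)
class ScanFinding:
    """What the network scanner observed for the same host/patch pair."""
    host: str
    patch_id: str      # patch the scanner associates with the weakness
    vulnerable: bool   # True if the scanner could still reproduce the weakness


@dataclass(frozen=True)
class Discrepancy:
    host: str
    patch_id: str
    kind: str          # one of the four categories assigned in reconcile()
    detail: str


def reconcile(patch_records, scan_findings):
    """Return one Discrepancy for every (host, patch) where the two views disagree.

    Categories:
      false_patched        agent says installed, scanner still finds the hole
      unconfirmed_missing  agent says missing, scanner cannot find the hole
      unmanaged            scanner saw a host/patch the patch system does not track
      unscanned            patch system says missing but the scanner never tested it
    """
    by_key = {(r.host, r.patch_id): r for r in patch_records}
    tested = set()
    flags = []
    for f in scan_findings:
        key = (f.host, f.patch_id)
        tested.add(key)
        rec = by_key.get(key)
        if rec is None:
            flags.append(Discrepancy(f.host, f.patch_id, "unmanaged",
                                     "scanner saw a host/patch pair the patch system does not track"))
        elif rec.status == "installed" and f.vulnerable:
            flags.append(Discrepancy(f.host, f.patch_id, "false_patched",
                                     "agent reports installed but scanner still reproduces the weakness"))
        elif rec.status == "missing" and not f.vulnerable:
            flags.append(Discrepancy(f.host, f.patch_id, "unconfirmed_missing",
                                     "agent reports missing but scanner cannot reproduce the weakness"))
    # The scanner is the independent check; a 'missing' patch it never
    # looked at is a gap in coverage, so it is flagged as well.
    for key, rec in by_key.items():
        if key not in tested and rec.status == "missing":
            flags.append(Discrepancy(rec.host, rec.patch_id, "unscanned",
                                     "patch system reports missing but scanner did not test it"))
    return sorted(flags, key=lambda d: (d.host, d.patch_id))


# Constructed sample data: two managed hosts, one unmanaged host.
SAMPLE_PATCH_RECORDS = [
    PatchRecord("srv-01", "KB-EXAMPLE-001", "installed"),
    PatchRecord("srv-01", "KB-EXAMPLE-002", "missing"),
    PatchRecord("srv-02", "KB-EXAMPLE-001", "installed"),
    PatchRecord("srv-02", "KB-EXAMPLE-003", "missing"),
]
SAMPLE_SCAN_FINDINGS = [
    ScanFinding("srv-01", "KB-EXAMPLE-001", False),  # agrees with agent
    ScanFinding("srv-01", "KB-EXAMPLE-002", True),   # agrees with agent
    ScanFinding("srv-02", "KB-EXAMPLE-001", True),   # agent wrong: false_patched
    ScanFinding("srv-03", "KB-EXAMPLE-001", True),   # host not in inventory: unmanaged
]


def run_sample():
    """Reconcile the constructed sample; returns the sorted discrepancy list."""
    return reconcile(SAMPLE_PATCH_RECORDS, SAMPLE_SCAN_FINDINGS)


if __name__ == "__main__":
    for d in run_sample():
        print(f"RED FLAG {d.kind:<20} {d.host} {d.patch_id}: {d.detail}")
```

Two of the categories matter most to a defender: `false_patched` is the dangerous one (the console says the host is safe while the weakness is still reachable), and `unmanaged` shows a host the patch system has no record of at all. The other two are lower-severity coverage gaps, but they are still discrepancies between the two sources and so are reported rather than silently accepted.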