Toggle light / dark theme

IBM researchers develop a technique to virtually patch vulnerabilities ahead of threat

Posted in security

Researchers at IBM have recently devised a new technique to virtually patch security vulnerabilities before they are found. Their approach, presented at the International Workshop on Information and Operational Technology, co-located with RAID18, leverages testing techniques for supervised learning-based data generation.

“While researching a solution to find security vulnerabilities in popular software, we paused to think about the following problem: We know practically and theoretically that it is impossible to find all vulnerabilities in an application, and the security community is in a constant race to discover those vulnerabilities in the hope of finding them before the bad guys do,” Fady Copty, lead researcher of the study, told TechXplore. “This means enforcing regulations and constantly deploying to systems.”

Deploying a on an application is a tedious and time-consuming task, which entails a series of steps: identifying the vulnerable version of the application, managing this , delivering the , deploying it and then restarting the application. Often, patches are deployed over long periods of time, hence can remain vulnerable for a period after a vulnerability has been discovered. To speed up this process, researchers have recently introduced virtual patches, which are enforced using intrusion detection and prevention systems.

Read more

Leave a Reply