1656 - 漏洞面前失败绝非选项德国电信如何利用 Concert 实现火箭般的补丁管理速度.pdf

《1656 - 漏洞面前失败绝非选项德国电信如何利用 Concert 实现火箭般的补丁管理速度.pdf》由会员分享，可在线阅读，更多相关《1656 - 漏洞面前失败绝非选项德国电信如何利用 Concert 实现火箭般的补丁管理速度.pdf（13页珍藏版）》请在三个皮匠报告上搜索。

1、1656-Failure is not an option with vulnerabilities.How Deutsche Telekom leveraged Concert forRocket Speed PatchMgmtJohn Fischer,Chief Information Security Officer,Deutsche Telekom ITBernd Dammrose,Principal Architect,Account Technical Lead Deutsche Telekom Group,IBM198.000employeesworldwide*22mnbroa

2、dbandcustomers116bnrevenuein202425mnfixed-network lines261mnmobilecustomersGroupKeyfactsFiguresbasedonannualreport2024.*ReportingdateDecember31,202410/10/20252Less time to patch more vulnerabilities.3200%More vulnerabilities within the last 2 years to patch80%Less available downtimes 35%Less operati

3、onal patching staffA 13 day pilot was done to prove reduction time to CVE resolution and significant reduction of manual efforts of patching.4Concerts extends and integrates into existing SMNow Config-,Change-and Incident Management 5IBM ConcertConfiguration Mgmt:CI InfoPredefined Change windowsExpo

4、sure LevelApplication Handling ReferencesCVEsThird Party ApprovalBusiness sidesPatching T-Systems managed machinesCVE correlationDT specific scoringAI based Patching suggestionsApp specific&Cross-NatcoDashboardingPatch-TriggeringChange&Incident creationPatching orre-imagingQAIBM Concert WorkflowsCha

5、nge&Incident MgmtChange BoardApprovalApplication Owneror any other Natcos ITSM-Toolor any other Natcos ITSM-ToolCreateUpdate review TaskValidate Approval&ScheduleApplication OwnerSonarQubeQualysCheckmarxApp/Pattern specificChange data e.g.:-patch governance-Restart script-The PACCA Architecture Over

6、view for OS patching Clouds as well as on-prem6DBaaS/PostgreSQLStore/update dataGet state after patchSet maintenance modewatches for jobspull vulnerabilitiesCreating snapshotStart patching workflowAuthorize userKeycloakFedrate RolesArgoCDCaaSAuthenticate userCreate RolesCreate Roles on onboardingReg