Posted on 03-08-2019 09:13 AM
I am the Jamf Admin for our small org of 250 people. I want to know how other admins approach security as far as updating software when zero day attacks hit. I stay tuned to zdnet.com but there has to be something else I should be paying attention to in order to make sure I get ahead of these types of attacks. My main goal is I don't want to be notified by my VP of IT that a zero day attack occurred and to push an update. I want to be the one that notifies him and then pushes the update.
Posted on 03-08-2019 09:34 AM
I would follow the security and security-alerts channels in the MacAdmins Slack if you want fairly immediate news. As far as patching, a lot of that is based on the specific app.
Chrome's a good example where the auto-update feature is pretty good. Yes, you can technically push out a new version, but most clients will already be patched.
Also... some VPs are gonna do their own thing and alert you regardless if you have already advised them of an exploit. Or they pride themselves on being "up to date" with security news.
Posted on 03-08-2019 09:42 AM
I'm following US Cert (https://www.us-cert.gov) - I guess that's a pretty good overview of current vulnerabilities and trends.
Posted on 03-08-2019 01:20 PM