Vulnerabilities, updates, and patch management are handled according to the ISMS guidelines, ISO 27001, Annex A.12.6.1 (Management of Technical Vulnerabilities) and SOC 2 Controls CC 5.2-15 and CC 8.1-03. A policy document is available on request.
Regular Agent updates are released several times a month while Platform/Server updates are released several times a year. The updates contain enhancements, bug fixes, and new features. With each release, the customers get a notification, release notes, and updated documentation.
The target for security event response time and trend is several hours. The target maximum delay of critical security updates (releases) or other corrective measures is less than 1 workday.
Platform/Server updates for Cloud deployments are automatic. On-Premise and Private Cloud customers can update their server(s) from the Teramind Dashboard. Depending on the configuration, Server/Platform updates can take from a few minutes to several hours.
Agent updates can be done locally or remotely with SCCM / Group Policy / other remote deployment tools.
Server OS/package updates for On-Premise deployments can be applied via the VM console or through an SSH session. OS/package updates for Private Cloud (e.g., AWS, Azure, etc.) deployments can be done through the hosting providers portal.