Why use virtual patching?
Traditional patch management is the practice of applying software fixes to a system to fix a bug or vulnerability. Virtual patching instead fixes the same problem by having ModSecurity intercept the offending requests before they can reach the vulnerable system. There are many advantages offered by virtual patching that make it an attractive option to traditional patching. Here are some of the best reasons to use virtual patching:
Speed
Applying a virtual patch is something that can be done in a very short amount of time, once you have details on a specific vulnerability. Traditional patching requires you to wait for a vendor-supplied fix, write one yourself or trust a third-party patch. Virtual patching puts the power back in your hands as there's no need to rely on any third party to finish writing a patch. This puts you ahead of the curve when it comes to securing your web services against attacks—something that really matters as speed can be critical when it...
