Cyber Essentials Plus Packaging
Cyber Essentials Plus Packaging Services
Set and forget application monitoring and packaging services for your Business critical applications
Enterprises face tight timelines for critical patch and update management to remain within the Cyber Essentials Framework. APPtechnology’s service covers the applications that are not reached by turning on vendors' auto-update functionality or automated patch tooling.
Set and forget services for your business-critical application patching, minor or major releases
We help you set the business-critical application policies that will keep your organisation compliant to the Cyber Essentials Plus controls
Reduce your Workload
You decide on what actions you want undertaken on a per application basis.
When you onboard an application to our service, we agree the actions to be taken based on patch release, criticality, minor or major versions. For instance you will want critical patches packaged for deployment but may decide to skip functional patching. You could have minor versions packaged on release, but require business confirmation on major version packaging.
Alternatively, you could cut the cost of minor version packaging and only rebase-line your application following a critical support update so that your baseline application doesn’t have any critical flaws.
The choice is yours to decide on a policy that we will work to and you decide where business input is required.
Patching of Business-Critical Applications
The Cyber Essentials Plus control theme states software must be:
…patched within 14 days of an update being released, where the patch fixes a vulnerability with a severity the product vendor describes as 'critical' or 'high risk'. Some vendors release patches for multiple issues with differing severity levels as a single update. If such an update covers any 'critical' or 'high risk' issues, then it must be installed within 14 days.
APPtechnology will assess and packaged based on agreed policy or inform and confirm with the business before proceeding. You remain in charge and compliant.
Unsupported Applications
The Cyber Essentials Plus control theme states Software should be removed from devices when no longer supported, as product vendors do not generally release patches for products they no longer support.
Your organisation cannot predict which Vendors will drop product support or even cease to trade, but when they do you can be faced with a dilemma covering unsupported business critical applications that are integrated to other essential business processes.
APPtechnology have a host of Legacy application management solutions to enable the secure and protected continued use of unsupported software where a business exception is required.
Isolation and containerisation techniques ensure that any unsupported applications or server / client systems can withstand all the penetration test requirements to meet your CE+ requirements
Benefits you can expect
Application Monitoring
We monitor your critical business applications for patch and version releases
Patching
We monitor your specified vendor websites for new release activity
Version Updates
We create a new version or patch release based on your agreed requirements
Convenience
Online portal for additional requests or new software requirements
Flexibility
Add new applications to the monitoring service as required
Controllability
Request confirmation or immediate repackage, your rules, you decide
For medium to
large enterprises- Unique suite of
products - Providing legacy web
application solutions - Never beaten by a
Legacy Application