• Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
  • magnifying glass search icon to open search field
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
Palo Alto Networks logo
  • Products
  • Solutions
  • Services
  • Partners
  • Company
  • More
  • Sign In
    Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
    Language
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
  • Unit 42 Threat Intelligence

White Paper

Securing the Unpatchable in Financial Institutions

asset thumbnail

There are no flawless software systems or applications. When these flaws result in security vulnerabilities, threat actors may exploit them to compromise those systems and applications and, by extension, the endpoints on which they reside. Although software vendors issue patches to remediate flaws, many financial institutions do not apply all available patches to their production environments in a timely fashion. In addition, when systems or applications reach their end-of-support, they no longer receive vulnerability patches from their vendors. These two scenarios describe the conditions under which a system or application is considered "unpatchable." When patching or upgrading is no longer feasible, security professionals need to identify alternative ways to secure the unpatchable systems and applications to support their ongoing use as required for other business strategies.

This document presents a case study that discusses the security, risk and compliance ramifications of operating unpatchable systems and application such as legacy Windows® Operating Systems (e.g., Windows XP, Windows 8).  These may still be found in older ATMs and aging endpoints that support check scanners, printers for passbooks, ATM cards, and other legacy banking applications.

The case studies outline the core attack vectors that threat actors can use to compromise unpatchable systems and applications and offer a technical solution that eliminates the reliance on vulnerability patches as a security measure while preventing breaches on the endpoints that operate those unpatchable systems and applications.  This advanced endpoint protection uses a multi-method approach to detect and address exploits and malware while using machine learning, as well as static and dynamic analysis to identify cyber threats.

For more information on cybersecurity for the financial sector, visit our Financial Services industry page at  https://www.paloaltonetworks.com/products/security-for/industry/financial-services.html

Download
Share page on facebook Share page on linkedin Share page by an email
Related Resources

Access a wealth of educational materials, such as datasheets, whitepapers, critical threat reports, customer stories, informative cybersecurity topics, and top research analyst reports

See all resources

Get the latest news, invites to events, and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

black youtube icon black twitter icon black facebook icon black linkedin icon
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Investors
  • Products A-Z
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Customers
  • Careers
  • Contact Us
  • Manage Email Preferences
  • Newsroom
  • Product Certifications
Report a Vulnerability
Create an account or login

Copyright © 2023 Palo Alto Networks. All rights reserved