Evaluate your company's response time to CVEs and Windows updates.
To better assist you in determining and responding to your company's vulnerabilities,
Trend
Micro designed certain metrics to complement each other for greater clarity.
The Mean Time to Patch and Average Unpatched Time work together to help you evaluate
your
company's typical response time to install important patches on vulnerable Windows
operating
systems.
 |
ImportantMean Time to Patch (MTTP) and Average Unpatched Time (AUT) only apply to supported
Windows operating systems.
|
|
Metric
|
Description
|
||
|
Mean Time to Patch (MTTP)
|
Calculated by subtracting the release date of important Windows KBs from the time
you
installed the KB on endpoints and then averaged out across all supported endpoints.
Only includes cumulative KBs listed on the following sites for the calculations:
Although there is a daily MTTP value, the weekly and monthly values are a weighted
average
based on the number of KB installation events due to the highly uneven distribution
of
events across days.
For example, companies typically test an operating system KB before distributing the
patch
to all endpoints, which results in a large number of events clustered right after
testing
completes.
|
||
|
Average Unpatched Time
|
Calculated by subtracting the release date of important Windows KBs from the current
date
for all unpatched endpoints.
Average Unpatched Time calculations occur daily. Weekly and monthly averages use a
simple
average calculation based off the daily values.
|
