Patch Management
Definition
Patch management is the systematic identification, testing, and installation of software updates (patches) to close known security vulnerabilities. It is one of the most effective measures to prevent cyberattacks.
Most successful cyberattacks exploit known vulnerabilities for which a patch is already available. Timely patching is therefore essential.
A good patch management process includes: inventory of all systems, scanning for open vulnerabilities (CVEs), prioritization based on CVSS score, testing patches in an acceptance environment, and rollout to production.