ABSTRACT
Understanding that patch management is just a process and nothing more should ease an organization’s mindset. It is neither a complete rearchitecture of the environment, nor does it require a major organizational change. It does not require a separate budget to keep it functioning on an annual basis. However, it does require communication, collaboration, and a sense of understanding of what is expected from everyone in the organization to protect them from the vulnerabilities and exploits that result in the lack of patched systems. With the release of vulnerabilities today occurring at a rapid rate, it is better to address the vulnerability before an exploit is executed within the infrastructure. The patch management process will reduce the risk of a successful exploit. It should be looked at as a proactive measure instead of a reactive one. On the other hand, it is a security measure that an organization implements to improve its overall security posture.
