ABSTRACT
Patch management is an important part of securing your computing environment. New security vulnerabilities are found in software and systems every day, and these vulnerabilities can introduce risk into an organization’s information technology infrastructure. Patches and updates to systems are needed to mitigate these vulnerabilities. Gartner Group reports that 90 percent of machines are exploited using known vulnerabilities that had patches available. A good patch management process can minimize these risks by ensuring the patches are applied. It can also shorten the timeframe that an organization is exposed to newly discovered vulnerabilities by making sure patches are applied in a timely manner. These patch management processes consist of several different components and need to take into account an organization’s structure, policies, risk tolerance, and available resources.
