    Patch Management

    What is Patch Management?

    Patch management is a term that describes how updates are applied to software. When security vulnerabilities are found in software or hardware (supported or used by a company), often an updated code snippet is pushed out to devices that might be at risk. This kind of small software update is referred to as a “patch.” Patches often include security updates; however, they may also roll out new features or fix previously reported bugs.

    The enterprise IT and security challenge with these kinds of patches is ensuring that end users are installing system and app-related patches in a timely manner. Automated patch management tools exist for businesses to ensure that patches are rolled out in such a way that the end user has no choice but to install the update.

    What are the Benefits of Patch Management?

    In addition to helping keep systems and customer data secure, patch management also helps improve performance, uptime, and customer satisfaction. By using patch management to roll out new features, software is able to adapt to customer needs over time.   

    Patch management, along with the documentation of patches, is also an important part of meeting cybersecurity compliance requirements.

    How does Patch Management Work?

    The patch management lifecycle depends upon how complex an organization’s asset inventory and data sources are. Generally speaking, the process includes the following steps:

    1. Inventory IT assets that may need to be patched now or in the future
    2. Maintain automated scans for vulnerabilities reported by software vendors
    3. Identify the missing patches required, ideally using one patch management solution (to prevent multiple updates from different sources)
    4. Test the patch on a non-production environment or machine
    5. Deploy patches in priority order, and validate patch installation across the inventory
    6. Generate a status report on the latest patches
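
    The sketch below is an added example, not code from any patch management product. It walks steps 1, 3, 5 and 6 over a small inventory: it finds missing patches, queues them in priority order, and builds a status report. The hosts, versions, advisory IDs and severity scores are constructed sample data, and the function names are hypothetical.

```python
# Constructed sample data: hosts, versions, advisory IDs and scores are
# hypothetical and do not describe real advisories.
INVENTORY = [  # step 1: asset inventory
    {"host": "web-01", "packages": {"openssl": "3.0.7", "nginx": "1.24.0"}},
    {"host": "db-01", "packages": {"openssl": "3.0.13", "postgresql": "15.2"}},
    {"host": "app-01", "packages": {"nginx": "1.22.1"}},
    {"host": "build-01", "packages": {"nginx": "1.24.0"}},
]
ADVISORIES = [  # step 2: vendor-reported fixes, as a scanner feed might list them
    {"id": "EXAMPLE-0001", "package": "openssl", "fixed_in": "3.0.13", "severity": 9.1},
    {"id": "EXAMPLE-0002", "package": "nginx", "fixed_in": "1.24.0", "severity": 5.3},
    {"id": "EXAMPLE-0003", "package": "postgresql", "fixed_in": "15.6", "severity": 7.5},
]


def parse_version(text):
    """Compare versions numerically: as strings, "3.0.7" sorts after "3.0.13"."""
    return tuple(int(part) for part in text.split("."))


def missing_patches(inventory, advisories):
    """Step 3, ordered for step 5: outstanding patches, highest severity first."""
    findings = []
    for asset in inventory:
        for adv in advisories:
            installed = asset["packages"].get(adv["package"])
            if installed and parse_version(installed) < parse_version(adv["fixed_in"]):
                findings.append({"host": asset["host"], "advisory": adv["id"],
                                 "package": adv["package"], "installed": installed,
                                 "target": adv["fixed_in"], "severity": adv["severity"]})
    return sorted(findings, key=lambda f: (-f["severity"], f["host"]))


def status_report(inventory, advisories):
    """Steps 5 and 6: validate every asset against the feed and summarise."""
    queue = missing_patches(inventory, advisories)
    behind = {f["host"] for f in queue}
    return {"assets": len(inventory),
            "fully_patched": sorted(a["host"] for a in inventory if a["host"] not in behind),
            "deployment_queue": queue}


if __name__ == "__main__":
    report = status_report(INVENTORY, ADVISORIES)
    print(f"{len(report['fully_patched'])}/{report['assets']} assets fully patched")
    for f in report["deployment_queue"]:
        print(f"{f['severity']:>4} {f['host']:<9} {f['package']} {f['installed']} -> {f['target']}")
```

    Re-running `missing_patches` against the inventory after a deployment is the validation in step 5: an empty result for a host means every patch in the feed is installed there.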