What is patch management?
D4 ยท Operations ยท CompTIA Security+ SY0-701Patch management is the systematic process of identifying, acquiring, testing, and deploying software updates (patches) to fix vulnerabilities, bugs, and improve functionality across an organization's systems.
Patch management lifecycle: discover assets โ identify missing patches โ test patches (in non-production) โ deploy โ verify โ document.
Types: security patches (critical โ deploy ASAP), bug fix patches, feature updates.
Patch management lifecycle: discover assets โ identify missing patches โ test patches (in non-production) โ deploy โ verify โ document.
Types: security patches (critical โ deploy ASAP), bug fix patches, feature updates.
Unpatched systems are the #1 cause of successful attacks. Patch management reduces attack surface. Know the difference between vulnerability scanning (finds missing patches) and patch management (deploys them). Emergency patches (zero-day) may skip normal testing cycles.