Patch management

Patch management is the routine of tracking, testing, and applying software and firmware updates so that publicly known vulnerabilities don't sit open on your systems. The overwhelming majority of breaches exploit bugs that had a fix available — sometimes for years. For an SMB the win is mostly process: enable automatic updates where safe, and have a defined window to apply the rest, prioritising internet-facing systems.