Safeguard
Tag

patch-management

Safeguard articles tagged "patch-management" — guides, analysis, and best practices for software supply chain and application security.

53 articles

Vulnerability Management

Zero-Day Patch Response at Scale: Can Open Source Maintai...

Zero-day patch timelines swing from 3 hours to 10 weeks across open source projects. Here's why maintainer capacity, not tooling, is the real bottleneck.

May 16, 20268 min read
Vulnerability Response

CVE-2026-0300 in Palo Alto PAN-OS: Patch Posture & SBOM Response

PAN-OS Captive Portal pre-auth RCE scored CVSS 9.3 and landed on CISA KEV with a three-day patch deadline. Defender playbook below.

May 7, 20267 min read
Open Source Security

Patch management strategies for open source dependencies

A practical guide to patch management for open source dependencies: prioritizing by reachability and EPSS, not CVSS alone, and building a repeatable remediation loop.

Apr 30, 20267 min read
Vulnerability Response

CVE-2025-53521 in F5 BIG-IP APM: Patch Posture & SBOM Response

F5 BIG-IP APM bug reclassified from DoS to RCE at CVSS 9.8 and landed on CISA KEV. Defender playbook for the late-cycle severity surprise.

Mar 29, 20267 min read
Vulnerability Management

How to set up a vulnerability management program

A step-by-step guide to setting up a vulnerability management program: scanning schedules, risk-based triage, patch management, and metrics that hold up in an audit.

Feb 11, 20268 min read
Concepts

What Is Patch Management?

Patch management is the process of finding, testing, and deploying software updates that fix bugs and security flaws. Learn the lifecycle, prioritization, and why it matters.

Feb 6, 20266 min read
Vulnerability Response

CVE-2025-15467 in OpenSSL CMS: Patch Posture & SBOM Response

OpenSSL CMS pre-auth stack buffer overflow scored CVSS 9.8. Mail servers, web servers, and anything that processes S/MIME need the fix. Defender playbook below.

Jan 28, 20267 min read
Application Security

What is Vulnerability Remediation

Vulnerability remediation means fixing a flaw at its source, not just detecting it. Learn the workflow, real MTTR benchmarks, and prioritization.

Jan 21, 20267 min read
Vulnerability Analysis

Sudo Baron Samedit heap overflow (CVE-2021-3156)

A decade-old sudo heap overflow, CVE-2021-3156 (Baron Samedit), let any local user gain root. Here's what's affected and how to fix it.

Jan 18, 20267 min read
Vulnerability Analysis

PrintNightmare Windows Print Spooler RCE (CVE-2021-34527)

A critical Print Spooler flaw (CVE-2021-34527) enabled unauthenticated SYSTEM-level RCE on nearly every Windows host. Here's what happened and how to fix it.

Jan 17, 20268 min read
Vulnerability Analysis

HTTP/2 Rapid Reset DDoS technique (CVE-2023-44487)

CVE-2023-44487 (HTTP/2 Rapid Reset) fueled record DDoS attacks by abusing stream resets. Here's the impact, timeline, and how to remediate it.

Jan 16, 20267 min read
Vulnerability Analysis

Dirty COW Linux kernel privilege escalation (CVE-2016-5195)

Dirty COW (CVE-2016-5195) let local attackers hijack a kernel race condition for root. Nine years old, still found in fleets — here's how to find and fix it.

Jan 10, 20268 min read
patch-management (Page 2) — Safeguard Blog