Patch Smarter, Not Harder

28/10/2025 18 min Season 3 Episode 5

Episode Synopsis


Patch smarter, not harder. Lieuwe Jan Koning and ON2IT Field CTO Rob Maas break down why “patch everything now” isn’t a strategy, but a risk multiplier. In this session, they teach a practical patching strategy: know your assets, patch edge first, stage updates, and use Zero Trust segmentation to choke off exposure so you only patch what truly matters: fast, safely, and without outages.

(00:00 - 01:11) Intro
(01:11 - 02:28) Reality check #1: Not everything can be patched
(02:28 - 05:02) Reality check #2: Patches are scary
(05:02 - 08:45) The solution: Patch in phases
(08:45 - 10:36) How Zero Trust enables patch management
(10:36 - 11:23) Prioritization matters
(11:23 - 14:50) Patching tips and tricks
(14:50 - 16:21) Guidelines for patching triage
(16:21 - 17:37) Practical advice
(17:37 - END) Outro

Key Topics Covered

· Why “patch everything immediately” fails; availability vs. security
· Staged deployments and rollback safety for crown-jewel services
· Zero Trust segmentation to reduce urgency and shrink attack surface
· Priority signals that matter: asset criticality, exposure, KEV, CVSS

Related ON2IT content & explicitly referenced resources

· ON2IT Zero Trust: https://on2it.net/zero-trust/
· Threat Talks (site): https://threat-talks.com/
· CVSS (FIRST): https://www.first.org/cvss/
· CISA guidance – Citrix/NetScaler (Citrix Bleed example): https://www.cisa.gov/guidance-addressing-citrix-netscaler-adc-and-gateway-vulnerability-cve-2023-4966-citrix-bleed
· Crowdstrike episode: https://youtu.be/IRvWVg1lSuo?si=f8Sj6WYG0KNxlkJD