Keeping your organisation’s systems secure can feel like an endless battle. Patch management and vulnerability mitigation are often seen as tedious tasks, but they form the backbone of effective cybersecurity. In this episode of the Security Strategist podcast, host Richard Stiennon and Mike Walters, co-founder of Action1, break down why patching remains challenging and share practical strategies to make the process simpler, smarter, and more effective. Patch Management Remains a ChallengePatch management has been a concern since the earliest days of computing, dating back to mainframes and early PCs. Despite technological advances, it remains a "busy work" task that many IT teams find overwhelming. So what makes patching so hard today? One of the main reasons patching is still so difficult is the constant evolution of IT ecosystems. As Walters explains, "The biggest challenge is the ever-evolving nature of software with different applications, sources, and methodologies." Operating systems, third-party apps, and custom configurations all require tailored approaches for updates and patches, making uniform processes impossible. Large organisations often have hundreds or thousands of devices, each running different software versions requiring specific patches and testing before deployment. The COVID-19 pandemic has dramatically shifted traditional patching strategies. Pre-pandemic, enterprises could rely on corporate networks and distribution points for patches. Now, a dispersed workforce, VPNs, and hybrid cloud architectures have made remote patching more complex. As Walters notes, "Remote endpoints become a big challenge. You need network-agnostic solutions that work regardless of whether a device is connected to the corporate network or a coffee shop." Connection issues, bandwidth limitations, and endpoint diversity all impact security teams' ability to apply patches swiftly. Innovative Solutions for Streamlining Patch ManagementTo address these challenges, organisations are moving towards more intelligent and automated patching strategies. As Walters puts it, the starting point is simple: automation. By removing repetitive manual tasks, teams reduce the risk of human error and create space to focus on higher-value security work. Done properly, automation allows for scheduled updates, controlled testing, and the ability to roll back quickly if something goes wrong. At the same time, how patches are delivered matters just as much as when. Large updates can put significant strain on networks if pushed out all at once, which is why approaches like peer-to-peer distribution are gaining traction. By allowing endpoints to share updates locally, organisations can reduce bandwidth pressure and avoid bottlenecks. Flexible “catch-up” windows also ensure that devices which miss an update cycle can still be brought into compliance without disrupting operations. Modern environments are also driving a shift towards cloud-native, agent-based architectures. Instead of relying on a fixed network or VPN, these agents connect directly to cloud services, allowing patches to be deployed consistently across remote, mobile, and distributed devices. This approach reflects the reality of how people work today, where endpoints are no longer confined to a single network. Finally, effective patching is as much about control as it is about speed. Progressive rollouts—testing updates on a small group before expanding—help organisations avoid widespread disruption. By identifying issues early and isolating them quickly, teams can maintain stability while still ensuring that critical vulnerabilities are addressed without delay. Action1’s Unique ApproachAction1’s innovative model offers 200 free endpoints forever with no feature limitations, facilitating all sizes and types of organisations to implement effective patching solutions. By removing entry barriers, Action1 enables organisations to test, scale, and secure their patches more affordably. As Walters shares, "Offering free endpoints helps small IT teams get started, and as they grow, they stay with the platform."This approach promotes widespread adoption, accelerates security improvements, and creates a community of organisations committed to better vulnerability management. As cybersecurity environments become more complex and distributed, patching will remain a critical task—if not the critical task—of your security strategy. If you would like to find out more, visit: https://www.action1.com/ TakeawaysThe history and persistent nature of patch management issuesHow remote and hybrid work models impact patching strategiesThe importance of network-agnostic, agent-based patching solutionsHow to leverage automation and orchestration to reduce IT workloadPeer-to-peer distribution to optimise bandwidth during large-scale updatesDeveloping a phased, ring-based approach to patch deploymentReal-world challenges of patching high-availability systems and remote endpointsAction1’s unique offer of 200 free endpoints without feature limitationsThe significance of thinking like an attacker to anticipate vulnerabilities Chapters:00:40 - Mike Walters’ background and company journey 02:00 - Why patching remains a complex, evolving task 04:35 - The need for specialisation and solving patching for good 05:11 - Why patch management feels like busy work and its inherent difficulties 06:44 - Lessons from early vulnerability management experiences 09:38 - Handling patching challenges for remote and mobile users 10:15 - The implementation of agent deployment and catch-up windows 12:22 - Innovative bandwidth management using peer-to-peer distribution 14:55 - The value of automation and trust in large-scale environments 16:50 - Utilising update rings for safer, staged patch deployment 17:45 - Prioritising patching for zero-day vulnerabilities and rapid response 18:43 - Action1’s free tier for small IT environments supporting smaller organisations 21:35 - Practical insights for IT leaders: automation, application patching, and attacker mindset 24:53 - Closing thoughts: automation and proactive attack thinking
