Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More<\/em><\/p>\n\n\n\n Unpatched systems are a ticking time bomb.\u00a0Fifty-seven percent\u00a0of cyberattack victims acknowledge that available patches would have prevented breaches, yet nearly\u00a0one-third admit\u00a0failing to act, compounding<\/span> the risk.<\/p>\n\n\n\n Ponemon research shows organizations now take an alarming average of 43 days to detect cyberattacks, even after a patch is released, up from 36 days the previous year. According to the Verizon 2024 Data Breach Investigations Report, attackers\u2019 ability to exploit vulnerabilities surged by\u00a0<\/span>1<\/span>80%\u00a0from 2023 to 2024. <\/p>\n\n\n\n Chronic firefighting makes manual or partially automated patching overly burdensome, further pushing patching down teams\u2019 priority lists.<\/p>\n\n\n\n R<\/span>elying on manual or partially automated patching systems is considered too time-consuming, further reducing patching to the bottom of a team\u2019s action item list. This is\u00a0consistent with an Ivanti study\u00a0that found that the majority (71%) of IT and security professionals think patching is overly complex, cumbersome and time-consuming.<\/p>\n\n\n\n Attackers aggressively exploit legacy Common Vulnerabilities and Exposures (CVEs), often ten or more years old.<\/p>\n\n\n\n A sure sign of how effective attackers\u2019 tradecraft is becoming at targeting legacy CVEs is their success with vulnerabilities in some cases, 10-plus years old. A sure sign that attackers are finding new ways to weaponize old vulnerabilities is reflected in the startling stat that 76% of vulnerabilities leveraged by ransomware were reported between 2010 and 2019. The misalignment between IT and security teams compounds delays, with 27% lacking cohesive patch strategies and nearly a quarter disagreeing on patch schedules. One of the unexpected benefits of automating patch management is breaking the impasse between IT and security when it comes to managing the patch workload. \u00a0\u00a0<\/p>\n\n\n\n \u201cTypically, on average, an enterprise may patch 90% of desktops within two to four weeks, 80% of Windows servers within six weeks and only 25% of Oracle Databases within six months from patch release date\u201d, writes Gartner in their recent report, \u201cWe\u2019re not patching our way out of vulnerability exposure.\u201d The report states that \u201cthe cold, hard reality is that no one is out patching threat actors at scale in any size organization, geography or industry vertical.\u201d<\/p>\n\n\n\n Every unpatched endpoint or threat surface invites attackers to exploit it. Enterprises are losing the patching race, which motivates attackers even more.<\/p>\n\n\n\n In the meantime, patching has become exponentially more challenging for security and IT teams to manage manually. Approximately a decade ago, ring deployment began to rely on Microsoft-dominated networks. Since then, ring deployments have proliferated across on-premise and cloud-based patch and risk management systems. Ring deployment provides a phased, automated strategy, shrinking attacker windows and breach risks.<\/p>\n\n\n\n Ring deployment rolls out patches incrementally through carefully controlled stages or \u201crings:\u201d<\/p>\n\n\n\n Ivanti\u2019s recent release of ring deployment is designed to give security teams greater control over when patches will be deployed, to which systems and how each sequence of updates will be managed. By addressing patching issues early, the goal is to minimize risks and reduce and eliminate disruptions.<\/p>\n\n\n\n Relying on outdated vulnerability ratings to lead patch management strategies only increases the risk of a breach as enterprises race to keep up with growing patch backlogs. That\u2019s often when patching becomes cybersecurity\u2019s endless nightmare, with attackers looking to capitalize on the many legacy CVEs that remain unprotected.<\/p>\n\n\n\n Gartner\u2019s take in their recent report \u201cModernize windows and third-party application patching\u201d makes the point brutally clear, showing how traditional patching methods routinely fail to keep pace. In contrast, enterprises embracing ring deployment are getting measurable results. Their research finds ring deployment achieves a \u201c99% patch success within 24 hours for up to 100,000 PCs,\u201d leaving traditional methods far behind.<\/p>\n\n\n\n During an interview with VentureBeat, Tony Miller, Ivanti\u2019s VP of enterprise services, emphasized that \u201cIvanti Neurons for Patch Management and implementing Ring Deployment is an important part of our Customer Zero journey.\u201d He said the company uses many of its own products, which allows for a quick feedback loop and gives developers insight into customers\u2019 pain points. <\/p>\n\n\n\n Miller added: \u201cWe\u2019ve tested out Ring Deployment internally with a limited group, and we are in the process of rolling it out organization-wide. In our test group, we have benefited from deploying patches based on real-world risk, and ensuring that updates don\u2019t interrupt employee productivity\u2013a significant challenge for any IT organization.\u201d<\/p>\n\n\n\n VentureBeat also spoke with Jesse Miller, SVP and director of IT at Southstar Bank, about leveraging Ivanti\u2019s dynamic Vulnerability Risk Rating (VRR), an AI-driven system continuously recalibrated with real-time threat intelligence, live exploit activity, and current attack data.<\/p>\n\n\n\n Miller stated clearly: \u201cThis is an important change for us and the entire industry. Judging a patch based on its CVSS now is like working in a vacuum. When judging how impactful something can be, you have to take everything from current events, your industry, your environment and more into the equation. Ultimately, we are just making wiser decisions as we are not disregarding CVSS scoring; we are simply adding to it.\u201d<\/p>\n\n\n\n Miller also highlighted his team\u2019s prioritization strategy: \u201cWe have been able to focus on prioritizing Zero-Day and Priority patches to get out first, as well as anything being exploited live in the wild. Using patch prioritization helps us eliminate our biggest risk first so that we can reduce our attack surface as quickly as possible.\u201d<\/p>\n\n\n\n By combining ring deployment and dynamic VRR technology, Ivanti Neurons provides enterprises with structured visual orchestration of incremental patch rollouts. This approach sharply reduces Mean-Time-to-Patch (MTTP), accelerating patches from targeted testing through full deployment and significantly decreasing the exposure windows that attackers exploit.<\/p>\n\n\n\n When selecting enterprise patch management solutions, apparent differences emerge among leading providers, including Microsoft Autopatch, Tanium, ServiceNow and Ivanti Neurons.<\/p>\n\n\n\n Microsoft Autopatch relies on ring deployment but is restricted to Windows environments, including Microsoft 365 applications. Ivanti Neurons expands on this concept by covering a broader spectrum, including Windows, macOS, Linux and various third-party applications. This enables enterprise-wide patch management for organizations with large-scale, diverse infrastructure.<\/p>\n\n\n\n Tanium stands out for its robust endpoint visibility and detailed reporting features, but its infrastructure requirements typically align better with resource-intensive enterprises. Meanwhile, ServiceNow\u2019s strength lies in workflow automation and IT service management integrations. Executing actual patches often demands significant additional customization or third-party integrations.<\/p>\n\n\n\n Ivanti Neurons aims to differentiate by integrating dynamic risk assessments, phased ring deployments and automated workflows within a single platform. It directly addresses common enterprise challenges in patch management, including visibility gaps, operational complexity and uncertainty about vulnerability prioritization with real-time risk assessments and intuitive visual dashboards.<\/p>\n\n\n\n Patching alone cannot eliminate vulnerability exposure. Gartner\u2019s analysts continue to stress the necessity of integrating compensating controls, including endpoint protection platforms (EPP), multifactor authentication, and network segmentation to reinforce security beyond basic patching.<\/p>\n\n\n\n Combining ring deployment with integrated compensating controls that are part of a broader zero-trust framework ensures security, allows IT teams to shrink exposure windows, and better manage cyber risks.<\/p>\n\n\n\n Ivanti\u2019s approach to ring deployment incorporates real-time risk assessments, automated remediation workflows, and built-in threat management, directly aligning patch management with broader business resilience strategies. The design decision to make it part of Neurons for Patch Management delivers the scale enterprises need to improve risk management\u2019s real-time visibility. \u00a0<\/p>\n\n\n\n Bottom line: <\/strong>Integrating ring deployment with compensating controls and prioritization tools transforms patch management from a reactive burden to a strategic advantage.<\/p>\n Daily insights on business use cases with VB Daily<\/strong><\/p>\n If you want to impress your boss, VB Daily has you covered. We give you the inside scoop on what companies are doing with generative AI, from regulatory shifts to practical deployments, so you can share insights for maximum ROI.<\/p>\n \n\t\t\t\t\tThanks for subscribing. Check out more VB newsletters here.\n\t\t\t\t<\/p>\n An error occured.<\/p>\n<\/p><\/div>\n
\n<\/div>When it comes to patching, complacency kills<\/strong><\/h2>\n\n\n\n
Ring deployment: proactive defense at scale<\/strong><\/h2>\n\n\n\n
\n
![\"\"](\"https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/05\/gartner-image.jpg\")
Ring deployment crushes MTTP, ends reactive patching chaos<\/strong><\/h2>\n\n\n\n
![\"\"](\"https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/05\/dept-a-ring-deployment.jpg?w=800\")
Comparing Ivanti Neurons, Microsoft Autopatch, Tanium and ServiceNow: Key strengths and gaps<\/strong><\/h2>\n\n\n\n
![\"\"](\"https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/05\/neurons-interface-1.jpg?w=800\")
Transforming patch management into a strategic advantage<\/strong><\/h2>\n\n\n\n
![\"\"\/](\"https:\/\/venturebeat.com\/wp-content\/themes\/vb-news\/brand\/img\/vb-daily-phone.png\")
\n\t\t\t\t<\/div>\n<\/p><\/div>\n<\/div>\t\t\t<\/div>\r\n