← All topics
Cyber-insurance readiness

Vulnerability Management

Patching and configuration hygiene.

Why it matters

Unpatched, internet-facing systems are scanned and exploited within hours of a disclosure.

What strong practice looks like

Patching internet-facing systems, retiring end-of-life software, and hardened baselines.

What this area covers

Also covered in this area

  • Are critical patches actively managed on internet-facing systems?
  • Are you free of end-of-life / unsupported software?
  • Is a hardened baseline configuration applied across devices?
  • Are Office macros disabled by default?

This library is general education, not advice about your specific organization. It describes what each control is and what strong practice looks like; whether and how any of it applies to you is your decision, in consultation with your carrier, broker, or counsel.