Zum Inhalt springen
Proactive security updates
Technical Questions

How quickly are security patches applied?

Answer

With security patches, we prioritize by severity. Critical patches with a CVSS score of 9.0 or higher are applied within 24 hours, because here the window between disclosure and active exploitation is typically very short. For zero-day vulnerabilities with active exploits, we respond immediately and, if no official patch is yet available, deploy compensating controls such as targeted filter rules.

Regular, less critical security updates are bundled into monthly to weekly maintenance windows depending on the SLA tier, each with an upstream staging test. This gradation ensures that acute threats are addressed immediately, while routine updates run in a controlled way without unnecessary interventions on the live system. The exact timeframes are part of your SLA.