Give up! Just stop patching vulnerabilities! - Nate Sanders (mauvehed)

DevOpsDays 2025 Talk: Tired of endlessly patching vulnerabilities? It’s time to rethink the game. This talk challenges the reactive approach to vulnerability management and offers actionable strategies for developers to prevent first-party vulnerabilities altogether. By focusing on cultural changes, targeting entire classes of vulnerabilities (like XSS and SQL injection), adopting threat modeling, and rethinking patch cycles for third-party dependencies, you can shift from firefighting to building resilient systems. We’ll even explore modern techniques like ephemeral infrastructure and burn-and-replace methodologies to reduce reliance on traditional patching.