What do you do when you've made a large investment in a system, be it Oracle, SAP, PeopleSoft, VMware, and the vendor wants you to go to their cloud services and your business wants to realize their investment in the existing platform? Or your current system is working fine, the vendor support costs are high and you just want some breathing room while you plan and implement the transformed system your future business needs? The answer is easy for your business - sweat the assets, find cheaper support! However this poses quite a few challenges for us security professionals - how do we access security patches, are they even being produced by the vendor anymore, how do I mitigate risks that newly discovered vulnerabilities might present and how do I appease my GRC and auditors when patching isn't an option anymore? Find out how we do it in this session!