Organizations without the time or talent to patch may find patching-as-a-service to be a way to improve security.