How do you scan, prioritize, and patch vulnerabilities in critical systems without causing operational downtime?