Company
Date Published
Author: Mitchell Ross
Word count: 1164
Language: English
Hacker News points: None

Summary

The text discusses the importance of preventative risk management for infrastructure vulnerabilities in cloud environments. It highlights that vulnerability scanning is a last line of defense and that organizations should focus on proactive measures that shift security left and narrow the window for exploits. The article explains how modernizing image practices can help meet the security demands of cloud environments, particularly by implementing an industrialized, immutable approach to patching system images. It introduces HashiCorp's HCP Terraform and HCP Packer products as tools for addressing infrastructure vulnerabilities, enabling a comprehensive workflow that reduces vulnerabilities through preventative risk management. The article concludes that this approach is proactive, like locking the door before leaving the house, and that it alleviates the burden on reactive security methods. By continuously repaving with this vulnerability and patch management workflow, organizations can keep vulnerabilities from reaching their infrastructure and reduce the window for exploitation.