Developing security patches