Patch Management

The Patch Management service automates the process of deploying security patches and updates across the cloud infrastructure. It ensures that Tagged resources are consistently updated with the latest patches to mitigate vulnerabilities and enhance security. This service streamlines the patching process, reducing manual effort and minimizing security risks due to unpatched vulnerabilities. With Patch Management, organizations can effectively protect their AWS environment against known security vulnerabilities, maintain compliance with industry regulations, and minimize the impact of potential security incidents.

In the patch management service uses Patch Software to update supported operating systems running within in-scope virtual machines with the latest security patches. During onboarding SoftwareOne deploys Patch Software agents and Tags to supported virtual machines.  Customer defines up to three (3) patch waves including the week of the month, day of the week and start and end time each patch wave should run and any change freeze windows that should be observed from available configurations. SoftwareOne stores this configuration in the Service Design which Customer can change as required after onboarding by raising a Service Request.

Following onboarding Customer configures the Tags to define which virtual machines should be patched, allocating them to one (1) of three (3) patch waves to control the order in which virtual machines are updated.

The service monitors for available vendor patches and installs patches according to the patch waves defined by Customer. 

The service creates a snapshot of the virtual machine prior to patching, monitors the patch installation, and notifies the outcome.  If the patch fails, Customer can investigates the failure, attempts to remediate it, or restores the virtual machine as needed.

Important: It is Customers responsibility to assess the impact of applying, not applying or delaying each patch. SoftwareOne shall not be liable or responsible for any issues (including any losses) which may arise following the installation of a patch or a decision to not apply of delay a patch.

The SoftwareOne Cloud Management Portal provides reports of patch compliance coverage and failed patches.

Customers with an active Maintenance and Change Management subscription may request changes to the configuration at any time by raising a Service Request.